What Are the Biggest Smart Contract Vulnerabilities That Led to $2.1 Billion in Crypto Losses in 2025?

Smart contract vulnerabilities led to $2.1 billion in losses in 2025

Cryptocurrency security faced significant challenges in 2025, with hackers stealing over $2.1 billion across 75 incidents during the first half of the year alone—already surpassing the entire previous year's losses of $1.8 billion. However, contrary to earlier trends, the primary vulnerability has shifted from smart contract code to human behavior.

CertiK's security reports reveal a substantial transformation in attack vectors, with hackers increasingly targeting users through social engineering rather than exploiting technical smart contract flaws:

| Attack Vector | Loss Amount | Percentage of Total |
|---------------|-------------|---------------------|
| Access Control Exploits | $953.2M | 45.4% |
| Phishing/Social Engineering | $330.7M+ | 15.7% |
| Logic Errors | $63.8M | 3.0% |
| Reentrancy Attacks | $35.7M | 1.7% |
| Flash Loan Attacks | $33.8M | 1.6% |

The largest single incident involved a $330.7 million Bitcoin theft from an elderly US individual through social engineering. According to Ronghui Gu, CertiK's co-founder, this trend indicates attackers now prefer manipulating victims to reveal confidential wallet information or grant account access rather than hunting for code vulnerabilities.

This dramatic shift reflects how the security landscape is evolving: North Korean-linked hacking groups, responsible for $1.3 billion in 2024, have temporarily reduced their activity since July, suggesting they may be developing new tactics or shifting to different exploitation methods.

AI-driven crypto scams increased by 456% from 2024 to 2025

Recent reports reveal a staggering 456% surge in AI-driven cryptocurrency scams between May 2024 and April 2025 compared to the previous year. Blockchain intelligence firm TRM Labs has documented how these sophisticated attacks have evolved at unprecedented rates, with fraudsters leveraging AI technologies to create increasingly convincing deceptions.

The financial impact of these scams has been devastating:

| Scam Type | Financial Impact | Notable Features |
|-----------|-----------------|------------------|
| Deepfake-enabled scams | $4.6 billion (2024) | Most commonly reported AI scam type |
| Total crypto fraud | $10.7 billion (2024) | Romance scams, fake trading platforms |
| Pig-butchering schemes | Major contributor | Relationship building before account draining |

Investigators report dismantling at least 87 deepfake scam rings in early 2025 alone. These criminal operations have industrialized their approach, with evidence showing scam proceeds being routed directly to AI-as-a-service vendors, effectively purchasing deepfake capabilities similar to corporate SaaS subscriptions.

Security experts warn that scammers now deploy large language models to automate financial grooming, create realistic personas, and generate multilingual phishing campaigns at scale. The sophistication of these attacks has increased dramatically, with AI-generated voices, synthetic credentials, and deepfake videos becoming standard tools in the fraudster's arsenal, making detection increasingly challenging for average users.

DeFi platforms remain prime targets for security attacks

Despite notable security improvements across the cryptocurrency landscape, DeFi platforms continue to be prime targets for sophisticated attacks in 2025. Smart contract vulnerabilities and persistent access control issues remain the Achilles' heel of many protocols, with cross-chain bridges proving particularly susceptible. The financial impact has been devastating, as evidenced by recent high-profile breaches.

Recent attack statistics paint a concerning picture:

| Period | DeFi Losses | Notable Exploits | Primary Vulnerability Types |
|--------|-------------|------------------|-----------------------------|
| 2024-2025 | $372.8 million | Cetus Protocol ($223M), Radiant Capital ($55M) | Access control, smart contract flaws |
| 2024 | Part of $2.2 billion stolen in crypto overall | Cross-chain bridges, vault systems | Private key thefts, contract vulnerabilities |

While DeFi-related hacks have actually dropped by approximately 40% in 2024, the financial impact remains significant. Nearly half of all DeFi losses in 2024 stemmed from access control vulnerabilities, highlighting how fundamental security issues persist even in well-audited protocols. The Bybit exploit further demonstrates that even established platforms aren't immune to sophisticated attacks that can drain hundreds of millions in minutes. Security experts warn that until DeFi projects prioritize comprehensive security audits and adopt more defensive development practices, these lucrative platforms will continue to attract determined attackers.

Regulatory bodies urge enhanced oversight of crypto assets

Financial regulatory bodies worldwide have intensified their calls for comprehensive oversight of crypto assets to safeguard financial stability. The Financial Stability Board (FSB) published recommendations emphasizing that authorities should implement effective regulation and supervision of crypto-asset activities proportionate to the financial risks they pose. The core principle guiding this approach is "same activity, same risk, same regulation," ensuring consistent standards across traditional and digital financial sectors.

Regulatory frameworks are evolving to address specific aspects of the crypto ecosystem, as shown in recent developments:

| Regulatory Focus | Implementation Approach | Primary Concern |
|------------------|-------------------------|-----------------|
| Comprehensive Governance | Clear accountability lines | Market integrity |
| Risk-based Supervision | Proportionate oversight | Financial stability |
| Cross-border Coordination | Harmonized standards | Regulatory arbitrage prevention |

The President's Working Group on Digital Assets, comprising representatives from Treasury, SEC, CFTC, and Homeland Security, has released recommendations supporting responsible growth of blockchain technologies while addressing risks. Federal banking agencies are prioritizing clarity on digital asset activities, particularly regarding custody services, stablecoin reserves, and tokenization of deposits.

Regulatory clarity benefits both market participants and consumers, as evidenced by the establishment of specialized crypto task forces within agencies like the SEC to develop tailored approaches that balance innovation with investor protection.
