Save And Increase › Investing › Crypto Hacks and Scams Hit $364M in April, Says CertiK

Investing 01-05-2025 12:03 10 Views

Crypto Hacks and Scams Hit $364M in April, Says CertiK

April 2025 became yet another historic month for the crypto industry, as blockchain security firm CertiK confirmed that a staggering $364 million was lost to scams, hacks, and phishing attacks.

#CertiKStatsAlert

Combining all the incidents in April we’ve confirmed ~$364M lost to exploits, hacks and scams after ~$18.2m was returned.

KiloEx, Loopscale and zkSync all had funds returned by whitehat exploiters.

~$337M of the total is attributed to phishing.

More… pic.twitter.com/0GBcSZgdPB

— CertiK Alert (@CertiKAlert) April 30, 2025

This figure marks a 1,163% increase from March’s $28.8 million in losses. The surge, according to CertiK’s April 30 post on X, was driven primarily by a single, devastating event.

The theft involved 3,520 Bitcoins, valued at $330.7 million, stolen from an elderly U.S. citizen, making it the fifth-largest crypto hack ever recorded.

Though April’s total was heavily skewed by this singular event, even without it, the losses remained significant at $34 million, still up 21% from March.

The most damaging threats came in the form of phishing attacks, social engineering, access control exploits, and price manipulation.

Phishing and Social Engineering

Phishing accounted for the lion’s share of April’s losses, approximately $337 million.

The standout case was the theft from the elderly U.S. investor, where the attacker used highly advanced social engineering tactics to deceive the victim and gain access to their Bitcoin wallet.

A suspected theft of 3,520 Bitcoin valued at approximately $330.7 million has triggered a sharp rally in Monero (XMR).#Bitcoin #XMR https://t.co/AXZu6RYpI4

— Cryptonews.com (@cryptonews) April 28, 2025

According to CertiK, this event marks a new wave of cybercrime, where criminals bypass code and blockchain infrastructure entirely, opting instead to exploit human behavior.

Social engineering, a tactic that manipulates individuals into revealing confidential information, has become one of the most effective strategies for crypto criminals.

These attacks are particularly insidious because they often appear legitimate, tricking even experienced investors.

April’s numbers also reflect a broader trend. CertiK’s report isn’t the only one that paints a troubling picture.

Immunefi, another blockchain security firm, recorded $92 million in losses across 15 incidents in April alone.

#Hackers stole more than $92.4 million from #crypto projects in April 2025, while the total loss for the first four months of the year alone surpassed $1.74 billion, according to @Immunefi.https://t.co/YECTPKFNNY

— Cryptonews.com (@cryptonews) April 30, 2025

The firm also confirmed that all the attacks targeted DeFi platforms, with centralized exchanges reporting no security incidents during the month.

The largest attack cited by Immunefi, on the open-source platform UPCX, led to over $70 million in damages. It was followed by the $7.5 million KiloEx exploit.

White Hat Hackers Help Recover Millions Amid Mounting Threats

Despite the grim numbers, April had a silver lining, as some of the stolen funds were recovered.

CertiK confirmed that approximately $18.2 million was returned, thanks to the efforts of white-hat hackers and cooperative exploiters.

Ethical hackers played a crucial role in helping three platforms, KiloEx, zkSync, and Loopscale, recover their losses.

KiloEx, which had suspended operations following a $7.5 million exploit, saw the stolen funds returned just four days after the incident. In a rare gesture of goodwill, the attacker chose to return the funds in full.

Similarly, Loopscale successfully negotiated with its attacker to recover $5.8 million after a vulnerability in its token pricing mechanism was exploited. The attacker agreed to return the funds in exchange for a 10% white hat bounty and legal immunity.

Meanwhile, zkSync Association recovered $5 million in stolen tokens after its airdrop distribution contract was breached. The agreement involved a similar bounty reward.

April’s spike in losses may be shocking, but it’s not isolated. Earlier in the year, February saw the costliest month to date, with crypto losses totaling $1.53 billion.

The funds stolen in the Bybit hack are on the move — and investigators have a clearer idea of how the $1.4 billion in crypto was stolen#Bybit #LazarusGroup https://t.co/P9mgdDbkd1

— Cryptonews.com (@cryptonews) February 25, 2025

The bulk of that was attributed to a $1.46 billion hack on Bybit, believed to have been orchestrated by the North Korean Lazarus Group, now considered responsible for the largest crypto heist in history.

State-backed threats remain one of the most serious long-term risks to the crypto industry.

Despite numerous warnings, hackers have already stolen more in 2025 than they did in the entire year of 2024. As of the end of April, over $1.7 billion in crypto has been lost, eclipsing last year’s $1.49 billion in just four months.

For now, the $364 million lost in April serves as both a brutal financial hit and a dire warning.

As phishing and social engineering continue to prove effective, investors are advised to remain vigilant and educate themselves on best practices to stay secure at all times.

The post Crypto Hacks and Scams Hit $364M in April, Says CertiK appeared first on Cryptonews.

Other news

01-05-2025 18:03

Tesla Chair Refutes Report Detailing Plans For Elon Musk’s Replacement

01-05-2025 18:03

Solana Price Prediction: New Proposal to SEC Could Bring U.S. Stocks Directly On-Chain – $1,000 SOL Incoming?

Enter Your Information Below To Receive Latest News, And Articles.

Your information is secure and your privacy is protected. By opting in you agree to receive emails from us. Remember that you can opt-out any time, we hate spam too!