Hacking is the Biggest Threat of 2025: Social Engineering Attacks Steal Crypto Assets Worth $282 Million

Hacking is a phenomenon that continues to evolve in the crypto industry, with increasingly sophisticated methods targeting digital assets worth hundreds of millions of dollars. In early January, a major incident revealed how easily hackers can access hardware wallets through social engineering rather than technical sophistication alone.

According to leading blockchain researcher ZachXBT, a hacker successfully accessed the victim’s wallet on January 10th at 23:00 UTC, taking away 2.05 million litecoin (LTC) and 1,459 bitcoin (BTC) with a total value of $282 million. The attacker then quickly exchanged most of the funds for monero (XMR), a privacy coin that provides high anonymity in blockchain transactions.

How Social Engineering Steals Large-Scale Crypto Assets

Social engineering is a hacker’s favorite strategy to breach even the tightest security defenses. Instead of brute force attacks or technical exploits, the attacker impersonates a trusted employee, gradually builds trust with the victim, and ultimately persuades them to reveal sensitive information—such as private keys or login credentials that grant full access to the wallet.

In this case, the hacker managed to obtain critical information that allowed direct access to assets in the hardware wallet. Such methods show that even the best hardware can become vulnerable when its owner falls into a carefully crafted manipulation scheme.

Instant Exchange and Monero: Masking Digital Trails

After securing the assets, the perpetrator immediately converted the funds into monero, a cryptocurrency known for its high-level privacy features. This movement triggered a 70% surge in XMR’s price over the following four days, reflecting significant buying volume.

Researcher ZachXBT found that some of the bitcoin was also transferred across multiple blockchains—including Ethereum, Ripple, and Litecoin—via the cross-chain protocol Thorchain. This fragmentation strategy is designed to make tracking the funds more difficult and to break the trail of assets across different ledger systems. However, ZachXBT emphasized that there is no indication of North Korean threat actors being involved in this attack.

Ledger Data Leak: Triggering a Wave of Chain Attacks

A few days before this major hacking incident, Ledger— a leading hardware wallet provider— announced a data leak on January 5th. The incident exposed users’ personal information, including full names and contact details. The breach of the Ledger user database created a golden opportunity for hackers to conduct more targeted and persuasive social engineering attacks.

The combination of data leaks and social engineering attacks creates a perfect storm: hackers have potential victim identities and can use them to build credibility and trust in their manipulative communications.

Hacking as a Main Attack Vector: Concerning 2025 Trend

Data shows that by 2025, social engineering has emerged as the most dominant attack vector in the crypto security landscape. Unlike traditional narratives emphasizing technical vulnerabilities, the most real and effective threats come from psychological and social manipulation.

Crypto users are advised to strengthen their security awareness. Best practices include: verifying the identity of callers or message senders before sharing sensitive information, never revealing private keys to anyone—even company representatives, using official communication channels verified by the company, and routinely monitoring wallet activity to detect unauthorized access. Awareness of evolving social engineering tactics becomes the first line of defense that must not be overlooked in this digital age.