CertiK Discusses the Growing Frequency of Social Engineering Crypto Scams

The state of security across the crypto and blockchain space has changed significantly in the past few months. Traditional smart contracts exploited or brute force attacks on blockchain networks are being superseded by crypto scams like rug pulls and pump-and-dump schemes. 

BeInCrypto spoke with a spokesperson from security firm CertiK to understand how blockchain and security threats are evolving and how projects and users can safeguard against future exploits.

Social Media Hacks on the Rise

Over the past few months, the crypto community has seen a rise in social media-related hacks. This increasingly common tendency has pivoted away from the orchestration of more sophisticated blockchain attacks that have traditionally plagued headlines. 

Whereas smart contract exploits or blockchain hacks require more knowledge, hackers have found an easier avenue by targeting social media accounts instead.

“Social‬‭ media‬‭ accounts‬‭ have‬‭ become‬‭ attractive‬‭ targets‬‭ due‬‭ to‬‭ their‬‭ broad‬‭ reach‬‭ and‬‭ the‬‭ trust‬‭ followers‬‭ place‬‭ in‬‭ verified‬‭ profiles.‬‭ Compared‬‭ to‬‭ complex‬‭ blockchain‬‭ attacks,‬‭ hijacking‬‭ a‬‭ social‬‭ media‬‭ account‬‭ offers‬‭ a‬‭ quicker,‬‭ less‬‭ technically‬‭ demanding‬‭ way‬‭ to‬‭ spread‬‭ scams‬‭ to‬‭ a‬‭ massive‬‭ audience.‬‭ The‬‭ growing‬‭ frequency‬‭ of‬‭ such‬‭ breaches‬‭ suggests‬‭ hackers‬‭ are‬‭ focusing‬‭ more‬‭ on‬‭ social‬‭ engineering‬‭ and‬‭ credential theft over direct blockchain exploitation,” a CertiK spokesperson told BeInCrypto.

The accessibility of social media hacking has, in turn, expanded the pool of malicious actors capable of these attacks.

“‬This‬‭ trend‬‭ may‬‭ also‬‭ be‬‭ due‬‭ to,‬‭ in‬‭ part,‬‭ a‬‭ skills‬‭ gap‬‭ among‬‭ malicious‬‭ actors.‬‭ For‬‭ instance,‬‭ drainer-as-a-service‬‭ has‬‭ opened‬‭ doors‬‭ to‬‭ scammers‬‭ who‬‭ don’t‬‭ necessarily‬‭ understand‬‭ how‬‭ to‬‭ manipulate‬‭ smart‬‭ contracts.‬‭ Many‬‭ of‬‭ these‬‭ scammers‬‭ are‬‭ from‬‭ the‬‭ younger‬‭ generation,‬‭ which‬‭ means‬‭ they‬‭ are‬‭ more‬‭ likely‬‭ to‬‭ speak‬‭ about‬‭ their‬‭ financial‬‭ pursuits‬‭ online,‬‭ which‬‭ fuels‬‭ more‬‭ users‬‭ attempting‬‭ to‬‭ use‬‭ social‬‭ media‬‭ for‬‭ malicious‬‭ purposes,” the spokesperson added. 

X (formerly Twitter) has quickly become the social media platform of choice among Web3 hackers.

Social Media is Now a Prime Target for Web3 Hackers

After US President Donald Trump launched his meme coin only two days before assuming office, hackers began to take advantage of the hype to hack high-profile X accounts and convince followers to invest in scam meme coins.

Last month, anonymous hackers took over the X account of the former Malaysian Prime Minister Mahathir Mohamad to promote MALAYSIA, a fake meme coin promoted as the country’s official cryptocurrency. 

The post was removed within an hour, but the damage was done. Analysis shows that these hackers were probably related to the infamous Russian Evil Corp and that they stole $1.7 million in this rug pull.

“Given‬‭ that‬‭ X‬‭ is‬‭ the‬‭ most‬‭ popular‬‭ crypto‬‭ social‬‭ media‬‭ application,‬‭ it‬‭ makes‬‭ sense‬‭ that‬‭ popular‬‭ accounts‬‭ on‬‭ the‬‭ platform‬‭ have‬‭ been‬‭ targeted‬‭ to‬‭ attract‬‭ the‬‭ most‬‭ victims,” Certik spokesperson said. 

The MALAYSIA token scam happened only two weeks after hackers exploited former Brazilian President Jair Bolsonaro’s social media account. In that instance, scammers promoted the BRAZIL token, which rose over 10,000% in minutes, netting the scammers over $1.3 million.

These scams have also affected technological companies.

Attacks on Tech Companies

In December, AI research and development company Anthropic also saw its X account hacked. A fraudulent post claimed that a fake token called CLAUDE would incentivize AI and crypto projects and included a wallet address for investors.

Attackers managed to collect around $100,000 from speculative investors. 

“The‬‭ trend‬‭ is‬‭ real‬‭ and‬‭ concerning.‬‭ The‬‭ breaches‬‭ of‬‭ accounts‬‭ belonging‬‭ to‬‭ global‬‭ leaders‬‭ and‬‭ tech‬‭ companies‬‭ highlight‬‭ how‬‭ threat‬‭ actors‬‭ are‬‭ targeting‬‭ platforms‬‭ with‬‭ wide-reaching‬‭ influence,‬‭ using‬‭ them‬‭ to‬‭ amplify‬‭ fraudulent‬‭ crypto‬‭ schemes.‬‭ It‬‭ reflects‬‭ a‬‭ shift‬‭ in‬‭ tactics‬‭ where‬‭ social‬‭ media‬‭ is‬‭ becoming‬‭ a‬‭ primary‬‭ vector‬‭ for‬‭ crypto-related‬‭ scams,” the CertiK spokesperson told BeInCrypto.

These situations also highlight a broader issue of weak account security on social media platforms. As a result, even prominent individuals are susceptible to security breaches that directly affect the crypto community.

TRUMP Meme Coin Launch Was a Catalyst For Crypto Scams

After the launch of TRUMP, the frequency of socially engineered scams has become more apparent. In January, Ethereum co-founder Vitalik Buterin published a cathartic social media post criticizing TRUMP and meme coins.

“Now is the time to talk about the fact that large-scale political coins cross a further line: they are not just sources of fun, whose harm is at most contained to mistakes made by voluntary participants, they are vehicles for unlimited political bribery, including from foreign nation states,” Buterin claimed.

Buterin highlighted the tokens’ role in enabling scams and political corruption in crypto and blamed a regulatory loophole former SEC Chair Gary Gensler created for allowing bad actors to exploit governance tokens.

However, these crypto scams extend beyond political themes. 

Growth of Social Engineering Exploits

A week after Buterin cautioned against political meme coins, a Coinbase user lost $11.5 million after falling victim to a social engineering scam on Base. 

Crypto sleuth ZackXBT uncovered the exploit, pointing out that this incident is part of a growing trend, with multiple Coinbase users suffering similar losses. He also estimates that crypto scams of this nature have drained at least $150 million from Coinbase customers. 

“Coinbase has a serious fraud problem. I just uncovered many more recent thefts from Coinbase users. The $150 million stolen from Coinbase users in a year is just from thefts I independently confirmed. So it’s more than likely multiples of this number,” ZachXBT stated.

In social engineering scams, attackers use phishing emails, spoofed calls, and other deceptive tactics to trick victims into revealing private keys or login credentials. Once they gain access, they drain wallets, move funds, and take control of accounts.

For CertiK, these situations stipulate the need for stronger security measures. 

“Web3‬‭ security‬‭ platforms‬‭ are‬‭ adapting‬‭ by‬‭ expanding‬‭ their‬‭ focus‬‭ beyond‬‭ smart‬‭ contract‬‭ vulnerabilities‬‭ to‬‭ include‬‭ broader‬‭ threat‬‭ detection,‬‭ particularly‬‭ around‬‭ social‬‭ engineering‬‭ risks.‬‭ Many‬‭ are‬‭ integrating‬‭ AI-driven‬‭ monitoring‬‭ tools‬‭ to‬‭ flag‬‭ unusual‬‭ account‬‭ activity,‬‭ especially‬‭ on‬‭ social‬‭ media,‬‭ and‬‭ are‬‭ educating‬‭ users‬‭ about‬‭ the‬‭ dangers‬‭ of‬‭ impersonation‬‭ scams.‬‭ The‬‭ evolving‬‭ threat‬‭ landscape‬‭ has‬‭ prompted‬‭ a‬‭ more‬‭ holistic approach to security, blending traditional blockchain defenses with social platform safeguards,” the spokesperson said. 

Addressing these security challenges is crucial as new crypto projects increase exponentially.

Prioritizing Proactive Security in a Rapidly Growing Industry

The Web3 sector is experiencing consistent growth, marked by a surge in new crypto project launches. This innovative momentum is expected to continue, but it’s also fueling security concerns.

Notably, the increasing rate of scams and hacks in the first three months of 2025 makes it clear that security efforts are struggling to keep up with innovation.

A study by Precedence Research estimates the Web 3.0 market will expand from USD 4.62 billion in 2025 to approximately USD 99.75 billion by 2034, with a projected compound annual growth rate (CAGR) of 41.18% during that period.

Predicted market size of Web3 in the next ten years. Source: Precedence Research.

Yet, CertiK believes that project developers are pushing security considerations toward the end of the priority list.

“Despite‬‭ the‬‭ surge‬‭ in‬‭ new‬‭ projects,‬‭ adherence‬‭ to‬‭ proper‬‭ audit‬‭ protocols‬‭ remains‬‭ inconsistent.‬‭ While‬‭ some‬‭ projects‬‭ prioritize‬‭ thorough‬‭ smart‬‭ contract‬‭ audits,‬‭ others‬‭ rush‬‭ to‬‭ the‬‭ market,‬‭ sidelining‬‭ security‬‭ to‬‭ capitalize‬‭ on‬‭ market‬‭ trends‬‭ in‬‭ an‬‭ attempt‬‭ to‬‭ generate‬‭ rapid‬‭ profits,” said the CertiK spokesperson.

Understandably, the considerable rise in Web3 projects makes it more difficult for security firms to keep up with the pace and width of demand.

“Although‬‭ there‬‭ is‬‭ growing‬‭ awareness‬‭ around‬‭ the‬‭ importance‬‭ of‬‭ audits,‬‭ the‬‭ pace‬‭ of‬‭ new‬‭ launches‬‭ often‬‭ outstrips‬‭ the‬‭ capacity‬‭ of‬‭ security‬‭ firms,‬‭ leading‬‭ to‬‭ such‬‭ gaps.‬‭ Consequently,‬‭ many‬‭ projects‬‭ are‬‭ vulnerable‬‭ to‬‭ exploits,‬‭ highlighting‬‭ the‬‭ need‬‭ for‬‭ more standardized auditing requirements across the space,” the spokesperson concluded. 

As the Web3 ecosystem evolves, a proactive and adaptive security approach is critical. Prioritizing both blockchain integrity and social media vigilance will be essential for safeguarding the growing Web3 ecosystem.

The battle against these exploits requires a future where security is not an afterthought but a foundational pillar of every Web3 project and user interaction.