The year 2025 is shaping up to be one of the toughest for crypto security, with increasingly sophisticated hacks and wallet drains surfacing across the community.
From deepfake phishing calls to advanced wallet drainer scripts, incidents shared by users on X over the past week show how quickly attackers are adapting, and how easily even the crypto OGs can be caught off guard.
Phishing gets a deepfake upgrade
One of the most notable cases involved a user known as JP (@jpthor on X), who detailed how a friend’s hacked Telegram account was used to deliver a malicious Zoom link.
JP says he joined the meeting through a browser and was confronted with what appeared to be a deepfake of his friend. Within two minutes, a script had already infiltrated his Mac, copying documents from iCloud into a temporary folder.
JP described the incident in multiple posts, noting he immediately disconnected his machine and later reset it. Importantly, he avoided the worst-case scenario because he uses Vultisig, a multi-factor vaulting solution, rather than storing private keys directly.
Still, the attack shook him enough to warn others against relying on standard tools like Zoom, saying: “At this point it’s not a matter of if, but when you will be targeted.”
Similar tactics were reported by another user, Tori (@ToriRibolla on X), who lost nearly $20,000 after engaging with a malicious Zoom link disguised as a meeting invite from Telegram. Both cases highlight how attackers are using deepfakes and trusted apps to bypass the usual red-flag filters.
Wallet drainers take nearly $1 million
Beyond phishing, wallet drainers have become a growing problem. Another crypto user, Alexander Choi (@notalexchoi on X), shared a detailed account of losing close to $996,000 after interacting with what appeared to be a legitimate project page, “SparkTokenSOL.”
The scam involved multiple calls with professional-sounding individuals posing as project founders. A few days later, Choi’s wallets were emptied in minutes across dozens of addresses.
Reflecting on the event, Choi said: “If it can happen to me, with all my experience in this space, it can happen to anyone.” He urged others to avoid third-party calls and to conduct thorough checks on any project before engaging.
Sui-based platform Nemo targeted
Adding to the list of recent incidents, Sui-based DeFi platform Nemo Protocol confirmed it was exploited for roughly $2.4 million in stablecoins, according to security firm PeckShield, which noted that the attacker bridged the stolen USDC from Arbitrum to Ethereum.
Nemo acknowledged the breach in a community update on Telegram early Monday, explaining that activity in its Market pool was impacted and that all smart contract functions have been temporarily suspended while investigations continue.
The team stressed that vault assets remain secure, though the exact cause of the exploit has not yet been disclosed.
A growing challenge for the industry
These attacks, whether on individuals or platforms, reflect an uncomfortable reality: security risks in crypto are no longer just technical glitches but increasingly complex, well-coordinated operations blending malware, social engineering, and AI.
While exchanges and DeFi protocols continue to harden their defenses, the human element remains the most exploited weak spot.
For normal users (like you and me), the takeaway is simple, though it may be hard to practice consistently: question everything, verify identities, avoid unverified links, and keep large sums secured in cold storage.