The year 2025 was marked by record losses from attacks and fraud in the cryptocurrency universe. In the first half of the year alone, thefts totaled $2.17 billion, surpassing the total value recorded in 2024, according to Chainalysis. Projections indicate that 2025 could end with more than $4 billion in stolen assets, an all-time high.

ESET, a leading company in proactive threat detection, reviews some of the major cases that occurred in 2025 and how seemingly simple vulnerabilities resulted in multimillion-dollar thefts that shook the cryptocurrency market.

This scenario of vulnerability contrasts sharply with the growing institutionalization of the sector, where cryptocurrency ETFs registered record inflows of $5.95 billion and corporate investors like Strategy (formerly MicroStrategy) announced new Bitcoin purchases. The market, however, exposed its security weaknesses. “The BBC noted that the $1.5 billion attack on the Bybit exchange, attributed to hackers linked to North Korea, was the largest in history, thus symbolizing this contradiction: even with regulatory and technical advances, known vulnerabilities continue to be exploited,” comments Camilo Gutiérrez Amaya, Head of the Research Lab at ESET Latin America.

2025 is shaping up to be a year of historic losses for the cryptocurrency market. According to CertiK, the industry lost nearly $2.5 billion to attacks and scams in the first six months of the year alone. Chainalysis, on the other hand, noted that the volume of stolen crypto assets in the same period surpassed the $2.17 billion mark recorded for all of 2024.

At this rate, according to ESET, losses could exceed $4 billion by the end of the year, making 2025 the year with the largest amount of stolen assets in cryptocurrency history.

Vulnerabilities that can lead to multimillion-dollar losses

ESET has analyzed the most significant incidents of the year, illustrating how vulnerabilities of different kinds can result in multimillion-dollar losses:

1. Attacks on exchanges and centralized platforms (CEXs): Among the most emblematic incidents is the attack on Bybit, which resulted in the theft of approximately $1.5 billion worth of Ethereum, the largest ever recorded in cryptocurrency history. In this case, the attackers didn’t directly breach the exchange’s servers, but rather compromised a third-party platform provider, changing the wallet address where the funds were transferred. ByBit thought it was transferring the funds to its own digital wallet, but it was sending everything to the hackers. The sophistication of the operation revealed how chains of trust and external integrations can become entry points for highly specialized criminals.
2. Exploits in DeFi protocols: The Balancer attack, which caused losses of over $100 million, highlighted one of the recurring weaknesses in the DeFi space: errors in the code. A bug in the smart contract allowed unauthorized withdrawals, exposing how small logical flaws can be exploited to compromise an entire protocol. The impact extended to derivative projects, such as Beets Finance, which also reported losses in the millions. These incidents reinforce the importance of continuous and independent audits, a challenge for protocols that prioritize innovation and speed of launch.
3. Phishing scams: While large platforms suffered coordinated attacks, individual users remained the preferred targets. Phishing scams, in which victims are tricked into voluntarily surrendering their credentials, resulted in $410 million in losses, according to Certik. Attacks targeting individuals are estimated to have accounted for 23.35 % of all stolen funds during the period, a sign that social engineering remains as effective as technical intrusions.
4. Historical attacks and bridge vulnerabilities: Although no major bridge-related incidents occurred in 2025, this type of attack remains one of the most destructive. The memory of the 2022 Ronin Bridge breach, in which $600 million was stolen, remains a constant warning. These failures show how the interconnectivity between networks, essential for the scalability of the crypto ecosystem, also expands the attack surface and can turn a single code error into a systemic collapse.

“Recent attacks reveal the increasing professionalization of cryptocurrency-related cybercrime. Even with the growing technical and regulatory maturity of the ecosystem, cybercriminals have shown they remain one step ahead in 2025, improving their methods, exploiting known vulnerabilities, and diversifying their targets. While the industry has matured in terms of regulation, transparency, and infrastructure, many attacks exploited human error, poorly managed integrations, and unaudited code—issues that innovation alone cannot eliminate,” notes Gutierrez Amaya.

ESET invites you to learn more about cybersecurity by visiting: https://www.welivesecurity.com/es/.

For other useful preventative information, also available in Venezuela:  https://www.eset.com/ve/, and on their social media channels @eset_ve. Also on Instagram @esetla) and Facebook (ESET).

With information and reference image provided by ESET and Comstat Rowland

Visit our news channel on Google News and follow us to get accurate, interesting information and stay up to date with everything. You can also see our daily content on X/Twitter and Instagram

La entrada Cybersecurity and cryptocurrencies: advances, risks, and lessons learned in 2025 apareció primero en Bitfinance.

Digital crimes are a threat to virtually every productive sector worldwide. Just as they empty people’s bank accounts, steal personal data, and impersonate others, hackers are finding new ways to affect sectors such as industry, healthcare, manufacturing, education, telecommunications, and supply chains, among others.

Internet criminals are using increasingly sophisticated methods, including the use of AI that allows for virtually imperceptible impersonation, to breach the protective barriers of individuals and businesses, as well as universities, oil facilities, healthcare centers, manufacturers, and more.

Among the most common attack methods is the introduction of malware into both personal and corporate computers to steal information. But cybercriminals also commit crimes through phishing, asset theft, card cloning at points of sale, malicious applications, and cyberespionage.

Losses from cyberattacks are in the millions. Beyond companies seeing their data exposed or simply losing it to hackers, there’s also the theft of assets, money in bank accounts that ends up in the hands of cybercriminals, data ransom demands, and operational disruption.

Solving all of this comes at a cost. In this sense, some projections of losses from cyberattacks this year point to more than $10.5 trillion.

M.Pino

With information from international media

(Reference image source: Growtika on Unsplash)

Visit our news channel on Google News and follow us to get accurate, interesting information and stay up to date with everything. You can also see our daily content on X/Twitter and Instagram

La entrada Cybercrimes cause millions in losses worldwide apareció primero en Bitfinance.

The data of approximately 30,000 customers of Australia’s four largest banks was stolen using malware installed on mobile phones and personal computers.

Hackers breached the security of the four banks without the institutions noticing their intrusion, and then dumped this information on dark web forums, according to cybersecurity firm Dvuln.

The specialized firm has indicated that “the breaches affect approximately 14,000 Commonwealth Bank customers, 7,000 ANZ customers, 5,000 NAB customers, and 4,000 Westpac customers. The data was collected over a period of at least four years through malware campaigns targeting personal devices.”

On the other hand, it has emphasized that this is not a breach in the banks’ security systems, “but rather individual infections of users’ phones and computers” using infostealer-type malware.

According to the intelligence firm KELA, “more than 3.9 billion passwords have been stolen using this type of malware globally.”

Experts from KELA and Dvuln have emphasized the need to increase protective measures not only by users, “but also by software developers, governments, and financial institutions, which must adopt more aggressive digital defense strategies.”

M.Pino

Source: diariobitcoin

(Reference image: Mika Baumeister on Unsplash)

Visit our news channel on Google News and follow us to get accurate, interesting information and stay up to date with everything. You can also see our daily content on X/Twitter and Instagram

La entrada Hackers stole banking data of at least 30,000 users in Australia apareció primero en Bitfinance.

The attack perpetrated on the Bybit crypto exchange platform recently left a balance of 1.3 billion euros in the hands of hackers.

The theft, considered one of the largest in the history of cryptocurrencies, was executed by cybercriminals at the time when the executives were transferring the passwords from the cold wallet to a hot wallet connected to the Internet.

Cold wallets are among the safest. The theft was unthinkable. However, the hackers managed to steal the €1.3 billion with a clever move. They created a fake interface to impersonate the real wallet management platform used by Bybit.

The company has pointed out: “This fake website had verified addresses and URLs, which made no one suspicious. When everyone who had to sign the transaction did so, the hackers diverted the funds to an unknown location.”

Initial investigations point to the North Korean group Lazarus, which, according to Chainalysis, “has been responsible for approximately 35 % of all stolen funds in 2024, with a total of $800 million in cryptocurrencies stolen in macro operations.”

M.Pino

Source: computerhoy

(Reference image source: FlyD on Unsplash)

Visit our news channel on Google News and follow us to get accurate, interesting information and stay up to date with everything. You can also see our daily content on X/Twitter and Instagram

La entrada Hackers stole 1.3 billion from Bybit’s crypto wallet apareció primero en Bitfinance.

The technology company AT&T suffered a cyberattack through which data from customer call logs and text messages over a period of six months was hacked.

Although the company has indicated that the hack does not include the names of the clients, it is a new blow to privacy, as the company emphasized on Friday.

According to the AT&T report, the hacker attack occurred through hackers accessing call logs that were stored on a third-party cloud platform.

“The data contains call and text message records between approximately May 1 and October 31, 2022, and January 2, 2023.”

The SEC clarified that the content of the calls and messages was not compromised, and that no clients’ personal information was accessed.

It is important to highlight that AT&T has an average of 127 million connected devices. So the attack is considered large.

Consequently, the company “took additional cybersecurity measures in response to this incident, including closing the illegal access point.”

Regarding the case, it is estimated that at least one person involved was arrested. Meanwhile, the company continues its operations.

M.Pino

Source: telemundo

(Reference image source: Unsplash+, in collaboration with Getty Images)

Visit our news channel on Google News and follow us to get accurate, interesting information and stay up to date with everything. You can also see our daily content on Twitter and Instagram

La entrada Hackers stole data from AT&T users apareció primero en Bitfinance.

This Friday, November 24, the Internet becomes a feast for online shoppers looking to make the most of Black Friday deals. But this date also encourages hackers to prey on the unwary.

Official or verified portals usually do not cause problems when making online purchases. However, when the customer does not take a moment to ensure that the site displays the browsers’ security lock, they can put themselves in danger.

On this date, although the offers in many stores started weeks ago, customers tend to be dazzled by the variety of products and prices on the Internet. This dispersion is the perfect ally for those who clone pages and offer them as official, impersonate corporate identities, and send malicious emails with extraordinary offers.

To avoid being a victim of a scam, it is essential to verify the site; It must be the official page of the store where you want to buy. In this way, the client avoids being directed to fraudulent sites.

The security of personal data, bank cards and passwords is the responsibility of the buyer. In this sense, it is recommended not to provide this data to people who are not qualified for the online procedure, who do not belong to the store or whose attitude raises suspicions.

During browsing, the use of two-factor authentication, as well as biometric access to the different query pages, strengthen people’s security.

In order to speed up purchases, making a prior list of the items of interest helps you be more efficient and focus on the items with the most sales. This way, it takes less time to add them to the shopping cart and then make the final decision.

It is important to previously consult the promotions, discounts, and returns policies of the store where you are interested in purchasing. And once you have purchased a product, keep the invoice, as it will be the only means of claiming if necessary. Also, for a return for a defective item.

The digital era makes a variety of applications and websites available to buyers to facilitate the search, such as Amazon Assistant, Google Shopping, Keepa, CamelCamelCamel, among others. They make price comparisons on the spot and make the job easier.

M.Pino

With information from international media and news agencies

(Referential image source: Unsplash+, in collaboration with Getty Images)

Visit our news channel on Google News and follow us to get accurate, interesting information and stay up to date with everything. You can also see our daily content on Twitter and Instagram

La entrada Black Friday purchases without risk of scams apareció primero en Bitfinance.

The attack carried out on September 1 by still unidentified hackers on the Monero platform wallet caused the loss of funds valued at around USD 460,000.

As you may remember, this community’s crowdfunding wallet suffered this attack in September, but it was reported on November 2. The hackers deleted its entire balance of 2,675.73 Monero.

The authorities are investigating the case to find those responsible for affecting Monero, a platform that “finances development proposals of its members.”

The company’s developer, Ricardo Spagnini, has stated: “This attack is inconceivable, since they have taken funds that a taxpayer could count on to pay rent or buy food.”

Since April, Monero has suffered several cyberattacks that have compromised a hundred keys due to an unidentified breach. In this regard, some developers point out that “the breach could have originated because the wallet keys were available online on the Ubuntu server.”

In any case, it is presumed that the attack was possible due to a security flaw, in which a Windows computer could be involved, due to an undetected chain of botnets.

M.Pino

Source: cointelegraph

(Reference image source: Traxer, Unsplash)

Visit our news channel on Google News and follow us to get accurate, interesting information and stay up to date with everything. You can also see our daily content on Twitter and Instagram

La entrada Hackers steal assets from Monero wallet apareció primero en Bitfinance.

Artificial intelligence is here to stay. Its accelerated implementation and development allows for incalculable progress in the various fields of knowledge. But it also opens the door to new cyberattacks that wreak havoc globally.

Hackers are now targeting not only digital finances for the theft of assets and personal information. They have gone on to steal data from educational institutions, hospitals, and oil facilities, to demand ransoms in cryptocurrencies.

Microsoft, the technology giant, points out that the development of AI now poses new challenges in terms of computer security.

In recent statements to The Wall Street Journal, “the Redmond company’s security and trust leader, Tom Burt, has acknowledged that attackers, both individual and state-sponsored, have managed to improve their intrusion techniques thanks to AI.”

In this sense, he confirmed that ransomware attacks between November 2022 and June of this year doubled. The data was collected by Microsoft researchers after an analysis “based on 123 million devices and tracked more than 300 cybercriminal groups.” An alarming figure.

They indicate that just as ChatGPT and GitHub Copilot open the door to the fascinating world of knowledge, they also help cyber criminals improve their phishing and ransomware attacks, which is a dangerous combination.

Cybersecurity companies are forced to move faster as hackers use them to achieve greater reach and obtain greater profits.

M.Pino

Source: Xataka

(Reference image source: FLY:D, Unsplash)

Visit our news channel on Google News and follow us to get accurate, interesting information and stay up to date with everything. You can also see our daily content on Twitter and Instagram

La entrada AI poses new challenges in cybersecurity apareció primero en Bitfinance.

The MGM resort in Las Vegas reported this Monday that they were the target of a new cyberattack that affected all of their operations, particularly the reservations area, online payments and the casino.

The functions were interrupted, leaving the resort out of service, which triggered the immediate investigation of the events.

The closure of security and other specific systems was the first measure taken by the hotel complex that is visited by thousands of casino enthusiasts in Las Vegas.

Customers expressed their annoyance about check-in through paperwork, given that the digital system was not operational, in addition to the impossibility of making purchases in restaurants and bars or using the casino, because they could not use their credit cards. credit.

M.Pino

With information from international media and social networks

(Referential image source: David Vives, Unsplash)

Visit our news channel on Google News and follow us to get accurate, interesting information and stay up to date with everything. You can also see our daily content on Twitter and Instagram

La entrada Cyberattack affected MGM resort operations apareció primero en Bitfinance.

Every day, thousands of people connect to a power outlet in public places to recharge their phone batteries. Cybersecurity specialists indicate that this can make it easier for viruses to enter devices.

Hackers are known to take advantage of any vulnerability in the security of phones, computers and other electronic devices to break in, install malware and obtain the user’s personal data.

Experts from companies such as ESET, Kaspersky, or FBI cybersecurity personnel (United States) have spoken sufficiently about the need to protect the data regarding username and password, bank account number or cryptocurrency wallet, residence address, among others. others. This, in view of the fact that cyberattackers are increasingly using more sophisticated methods to enter devices and steal this data.

In this sense, connecting to a public electricity outlet can represent one of the easiest ways for hackers to access private information.

Users may be victims of viruses, fraud, extortion, calls from suspicious sources or corporate identity usurpers, cyber espionage, among others.

To protect yourself, the first thing to do is to avoid connecting in public places to charge the battery of cell phones, tablets, computers, and other devices. Also, update the antivirus from an official source. In the case of cell phones with the Android system, it is possible to install Google Play Protect, from Google. In the case of Apple devices, they have Norton 360, McAffe and Avira.

M.Pine

With information from international media

(Reference image source: Steve Johnson, Unsplash)

Visit our news channel on Google News and follow us to get accurate, interesting information and stay up to date with everything. You can also see our daily content on Twitter and Instagram

La entrada Charging your cell phone in public places increases the risk of cyberattacks apareció primero en Bitfinance.