ExchangeDEX+

Buy Crypto Markets Spot FuturesBTC Earn Event Center

Based on a report by SlowMist, private key leakage remains the leading cause of crypto theft, accounting for 317 stolen fund reports in Q3 2025.Based on a report by SlowMist, private key leakage remains the leading cause of crypto theft, accounting for 317 stolen fund reports in Q3 2025.

Private Key Leakage Remains the Leading Cause of Crypto Theft in Q3 2025

Author: CryptoPotato

Source: CryptoPotato

2025/10/05 02:32

Slowmist’s MistTrack’s Stolen Funds Analysis shows that private key leaks remain the most common cause of crypto theft.

The findings indicate that 317 stolen fund reports were filed between July and September, with assets worth more than $3.73 million successfully frozen or recovered in ten of those cases.

Private Keys Remain the Core Vulnerability

The report highlights that most crypto thefts rely on compromised credentials rather than sophisticated attacks. It notes that unauthorized dealers continue to sell fake hardware wallets, which remain a common scam. These devices often contain pre-written seed phrases or have been tampered with to secretly capture recovery information, allowing attackers to access funds once victims deposit assets.

SlowMist advised users to only purchase hardware wallets through authorized vendors, create seed phrases on their device, and try tiny transfers before transferring large sums of money. Simple checks, such as verifying packaging integrity and avoiding pre-set recovery cards, can help prevent losses.

Attackers are also developing new methods using phishing and social engineering. The report examined some occurrences of EIP-7702 delegate phishing, where compromised accounts were linked to contracts that automatically drained assets once a transfer was initiated. In such cases, victims believed they were engaging in regular activity, but hidden authorizations allowed hackers to gain control.

The analysis shows that social engineering remains a persistent threat, with phishers posing as recruiters on LinkedIn and building trust with job candidates over several weeks before convincing them to install “camera drivers” or other malicious code. In one case, attackers paired the program with a manipulated Chrome extension during a Zoom call, leading to losses of more than $13 million.

Old Phishing Scams Remain Effective

Traditional methods also continued to prove effective. Fraudulent Google ads cloned legitimate services such as MistTrack, while spoofed dashboards for decentralized finance platforms like Aave generated over $1.2 million in losses through hidden authorization requests. The exploiters also hijacked unused Discord vanity links left in project folders to trick communities.

Another attack vector disguises malicious commands as CAPTCHA verifications, tricking victims into copying code that steals wallet data, browser cookies, and private keys.

SlowMist explained that Web3 exploits are not about complex tricks but involve hackers taking advantage of everyday actions. That being said, simple actions like slowing down, double-checking sources, and avoiding shortcuts are the best ways to stay safe in a space where threats keep changing.

The post Private Key Leakage Remains the Leading Cause of Crypto Theft in Q3 2025 appeared first on CryptoPotato.

Disclaimer: The articles reposted on this site are sourced from public platforms and are provided for informational purposes only. They do not necessarily reflect the views of MEXC. All rights remain with the original authors. If you believe any content infringes on third-party rights, please contact service@support.mexc.com for removal. MEXC makes no guarantees regarding the accuracy, completeness, or timeliness of the content and is not responsible for any actions taken based on the information provided. The content does not constitute financial, legal, or other professional advice, nor should it be considered a recommendation or endorsement by MEXC.