Private key leakage remains the main cause of Crypto -theft in Q3 2025

Based on a report from Slowmist, private key leakage remains the main cause of crypto -theft, good for 317 stolen fund reports in Q3 2025.

The stolen fund analysis of Slowmist shows that private key leaks remain the most common cause of crypto -theft.

The findings indicate that 317 stolen fund reports were submitted between July and September, with assets with a value of more than $ 3.73 million successfully frozen or found in ten of those cases.

Private keys remain the vulnerability of the core

The report highlights That most crypto thefts rely on compromised references instead of advanced attacks. It notes that unauthorized dealers continue to sell fake -hardware -portfolios, which remain a common scam. These devices often contain pre -written seed sentences or are tampered to conquer recovery information, so that attackers have access to funds as soon as victims deposit assets.

Slow advised Users to only buy hardware portfolios through authorized suppliers, make seeds on their device and try small transfers before they transfer large sums of money. Simple checks, such as verifying the integrity of the package and avoiding predetermined recovery cards, can help prevent losses.

Attackers also develop new methods with the help of phishing and social engineering. The report investigated some events of EIP-7702 representative phishing, where compromised accounts were linked to contracts that were automatically empty as soon as a transfer had started. In such cases, victims believed that they were regularly busy activities, but hidden authorizations could get hackers control.

The analysis shows that Social Engineering remains a persistent threat, whereby Phishers occurred as recruiters on LinkedIn and the confidence of the trust of a few candidates for a few weeks before they are convinced to install “camera drivers” or other malignant code. In one case, attackers combined the program with a manipulated Chrome extension during a zoom discussion, which led to losses of more than $ 13 million.

Old phishing -wanging remains effective

Traditional methods also became effective. Fraudulent Google advertisements have cloned legitimate services such as fogtrack, while forged dashboards for decentralized financial platforms such as Aave generated more than $ 1.2 million in losses through hidden authorization requests. The exploiters also hijacked unused Discord vanity left who were left in project folders to mislead communities.

Maybe you also like it:

Another attack vector disguises malignant commands such as Captcha -Verifications, in which victims are cheated in copying code that steals portfolio data, browser cookies and private keys.

Slow explained Those web3 exploits are not about complex tricks, but involve hackers who benefit from daily actions. That said, simple actions such as delaying, double checking of sources and avoiding shortcuts are the best ways to stay safe in a room where threats continue to change.