Skip to content Skip to sidebar Skip to footer
Home / News

The many faces of crypto crime and the relentless cat-and-mouse chase

Post a Comment

Welcome to Slate Sundays, CryptoSlate’s new weekly feature showcasing in-depth interviews, expert analysis, and thought-provoking op-eds that go beyond the headlines to explore the ideas and voices shaping the future of crypto.

Crypto crime is on the rise. From the first epic hack of mighty Mt. Gox to the intricate OneCoin scam orchestrated by nefarious Bulgarian fraudsters, underhanded dealings move in lockstep with digital assets. History has shown that wherever there is value, there is also an ill-intended bystander lurking in the shadows just waiting to snatch it. As the industry grows, so too does the problem, and it becomes increasingly elaborate and hard to ignore.

According to blockchain forensics company Chainalysis, 2025 is on track to become the worst year of crypto-related theft so far, with over $2.17 billion already stolen from crypto services as of July. This number exceeds the total amount stolen in 2024, a year that was already set to break records, with a 67% rise in wallet drainer attacks from 2023.

Figures like these reveal the gaping vulnerabilities within the crypto sector and impact mainstream adoption. As Kadan Stadelmann, CTO at AI developer platform Komodo, told me in written commentary:

“We’re watching web3 bleed credibility in real time. A 67% rise in wallet drainer attacks tells you everything: crypto is still a playground for exploiters, not a foundation for mainstream finance. Mass adoption stalls when the average user has to be half-coder, half-paranoid detective just to move funds.”

Bill Zielke, Chief Revenue Officer at BitPay, the world’s largest crypto payments platform, also provided his thoughts:

“The rise in crypto scams doesn’t just affect existing users; it erodes trust and slows broader adoption. Potential newcomers, whether individuals or businesses, may hesitate to engage with crypto after seeing stories about phishing attacks, fake wallets, or impersonation schemes. And while adoption is growing, particularly as crypto gains traction as an alternative to traditional payment and remittance systems, concerns about scams continue to be a barrier.”

Don’t mess up, or you lose it all

The number of so-called ‘pig butchering’ attacks, where the perpetrator ‘fattens up’ the victim before reaching in for the kill, is on the upward curve as well, with revenues increasing by almost 40% YoY from 2023 to 2024.

While thankfully less common, there has also been an increase in physical attacks on Bitcoiners, known as wrench attacks. As Bitcoin security expert and Casa co-founder and CSO Jameson Lopp shared in a recent Slate Sunday interview, there are over 200 documented physical attacks on Bitcoiners, more than 30 of those in the first half of 2025, leading Chainalysis to conclude:

“It is clear that 2025 is well on track to have potentially twice as many physical attacks as the next highest year on record.”

Just as the experts become aware of one type of attack and implement best practices to safeguard users online, another one pops up, like a game of whack-a-mole, as attacks become increasingly sophisticated over time to prey on unsuspecting victims.

Many scams now leverage AI-generated content, deepfakes, and advanced phishing tactics to bypass detection and pull the wool over the eyes of even the savviest of users (and scare others away from self-custody altogether). Michal “Mehow” Pospieszalski, founder and CEO of MatterFi security infrastructure provider, warned in a comment:

“Scams don’t just slow down adoption, but more importantly, destroy trust. If a user can lose everything by clicking the wrong link or misreading a wallet string, no amount of yield or innovation matters. People don’t onboard into environments where the default assumption is: “Don’t mess up, or you lose it all.”

Crypto crime: the most common types of attacks

Fraser Edwards is an expert in online fraud and the CEO of self-sovereign identity platform cheqd. I spoke with him to discuss some of these viewpoints on crypto crime and to gain further insights into the problem.

“In fraud, it’s a game of cat and mouse,” Edwards admits. “Right now, we’re in this swing toward the fraudsters, and I think it’ll get bad, but it always swings backward and forward.”

I’ve heard cybersecurity described in this way before, as the very objective of hackers is to disorient their victims with ever-more convincing and sophisticated techniques to remain one step ahead at all times. So, what are the most common types of attacks to be on the lookout for, and how can you protect yourself from them?

Phishing and social engineering

By far the most prolific of all types of crypto crime and cybersecurity threats are social engineering and phishing, which account for 70-90% of all attacks, and typically take on the form of fake emails, texts, and websites that trick users into giving up their private keys or wallet credentials. Edwards gives an example of one I’m sure has landed in my DMs before:

“There’s a Calendly one through Twitter that’s extremely well done. They send you the spoof Calendly link. You go to that link, you book a slot, and you then authenticate using Twitter. They then get access to your Twitter account and use that to send out messages to defraud people.”

A few best practices here include always visiting the official channels of a company, rigorously inspecting links, double-checking wallet addresses, and never clicking on links or attachments in emails.

AI-powered deepfake scams

Unsurprisingly, in an era of explosive AI growth, deepfake scams are on the rise as scammers incorporate AI-generated videos and voices to impersonate trusted figures or company executives.

In 2023, a deepfake video of an interview with Tesla CEO Elon Musk was widely circulated on platforms like YouTube. The video mimicked a CNBC interview, showing a manipulated version of Musk claiming viewers could double their money by sending Bitcoin or Ethereum to a provided address.

Deepfakes like this occur frequently, and while more and more users are aware of the threat, key personalities often remind their followers not to fall for AI-generated clips of themselves, often on Instagram and TikTok, endorsing fake investment platforms.

Verified data, a solution cheqd is pioneering to create verifiable AI, can help solve this problem, as cryptographic signatures can prove when content was generated and how. Edwards explains:

“An example might be that you can create a video, or the content credential was generated straight off when you record a video using a phone. Samsung is thinking of building this into one of their flagship models, where every time you take a picture, it won’t just be the picture. It will have a cryptographic signature straight off the device, so you can prove that you generated this picture or this video and that it wasn’t AI-generated.”

Pig butchering

Just as appealing as the name, scammers ruthlessly build personal relationships using social media or dating apps to gain trust before convincing victims to invest in fraudulent crypto projects or accounts. Once large sums are deposited, the proverbial thief in the night vanishes along with the crypto (and the victim’s will to live).

Pig butchering scams have been found to devastate their victims, causing a double blow that cripples them both financially and emotionally. In 2023, the FBI’s Internet Crime Complaint Center (IC3) reported a dramatic increase in crypto-related fraud complaints, with losses totaling $3.96 billion, an increase of 53% over the previous year.

Edwards and his team offer one solution to limit the amount of personal data available in the stratosphere: reusable KYC, which enables users to verify their identity once and securely reuse that verification with multiple services, instead of repeating the KYC process for each one. This reduces the amount of information they share, prevents risky centralized “honeypots” of sensitive data, and combats fraud since only cryptographically signed, trusted credentials are used. He enthuses:

“I’d say that’s probably the biggest thing that we’re seeing is the start of reusable KYC. I think it’s going to accelerate really quickly.”

Ponzi and pyramid schemes

Ponzi schemes may be well over 100 years old, but hapless investors continue to fall into the honey trap as fraudulent crypto platforms promise guaranteed returns, pay early investors with money from new participants, and eventually implode, leaving most investors out of pocket.

Like the time thousands of Nigerians lost millions of dollars to CBEX, a fraudulent digital asset trading platform posing as a legitimate “China Beijing Equity Exchange,” or the most recent scheme unraveled in June 2025 by First Liberty that led to an abrupt shutdown, leaving around 300 investors out of at least $140 million.

Protecting yourself from a Ponzi scheme can be hard, especially when the term is constantly misused by high-profile people (Peter Schiff, anyone?). But a good rule of thumb is to watch out for unrealistic returns, pressure tactics, and any unsolicited offers. Also, maybe watch the OneCoin documentary a couple of times.

Rug pulls and pump-and-dump schemes

If you’ve been in crypto for more than a minute, you’ll be familiar with unscrupulous rug pulls. Merciless developers or project founders tirelessly shill their new token, attract millions of dollars of investment, then suddenly remove all liquidity and exit stage left, leaving the audience feeling as if the rug has literally been pulled from under their feet. Edwards sighs:

“It really comes down to people not doing their due diligence and just aping into these things. You’ve got a lot of anonymous teams.”

He says that verified data may help investors to choose projects more wisely, as legitimate founding team members can use decentralized IDs to build up verified contributions to projects and positive, provable reputations.

Physical bitcoin attacks (wrench attacks)

Of the rising number of physical attacks on Bitcoiners documented by Lopp, there’s an emerging trend of more incidents being carried out by organized crime. Wrench attacks have occurred on known industry figures such as Ledger co-founder, David Balland, and Lopp himself, which propelled him to erase himself from the internet. But they also target so-called crypto influencers who flaunt their wealth on platforms like TikTok and Instagram.

One of the best ways to protect yourself from physical attacks (beyond elaborate schemes to make yourself disappear like a Bond villain) is to be discreet about your lifestyle. Never tell anyone how much BTC you hold, and please, don’t taunt your followers to have fun staying poor while you’re dripping in diamonds and a Rolex. Edwards remarks:

“Obviously, as your wealth increases, you need to start looking at personal security about this, but I think one of the bigger problems is some people, whether deliberate or just through ignorance, make it very visible what their wealth is, because all of it is on the ledger. As a result, you can know someone’s net worth in a way that you wouldn’t in traditional banking systems.”

Things can only get… worse

Unlike the D: Ream song from the 90s (remember that?), it’s unlikely that the situation will improve at any time. All the signs point to it getting worse. Chainalysis warns:

“Currently, 2025 is 17.27% worse than 2022 at the end of June. If this trend continues, we could see 2025 end with more than $4.3 billion stolen from services alone.”

Yikes. And with the proliferation of AI agents, cybercrime will take on a life of its own, no longer reliant on a human mastermind behind it. Edwards explains:

“All of this [cybercrime] is currently largely being done by people, so there is someone somewhere who is going and doing this. Where it’s going to get really terrifying is where this can get outsourced to AI agents, and they can do it at mass scale. That’s where it’s going to get really scary, because you’re no longer limited by human capacity.”

Gulp. I’ve spoken of my reservations about AI before, and I hate to be a Debbie Downer, but everywhere I look, it feels like the world is falling apart. From scrambles to control the nuclear codes to AI agents waiting to assault us online, is there anything within our control besides working ourselves up into a stupor?

According to Chenxing Li, a developer at Conflux Network who provided written commentary about finding solutions to this problem, the entire industry needs “time to mature in three key ways.” He says:

“1. The Test of Time: To see which projects can deliver truly reliable and stable products, thereby building a trusted brand for security.

2. Learning from Incidents: To collectively learn from security breaches and iterate on product designs to patch exploitable flaws.

3. Gaining User Trust: For mature, secure solutions to gradually replace outdated ones and earn widespread user adoption.”

But with AI developing at the speed of a bullet, and cybercrime so rampantly up, do we have time for the test of time? Are the solutions to combat online crime being rolled out fast enough? Edwards reflects:

“Ideally, quick enough means that you’re getting the tech out before the fraudsters even really make hay with it. I think we’re only seeing that they’re making hay. It’s probably going to get worse. I think then there’ll be a swing back the other way, hopefully, but I don’t think it’s quick enough.”

A glimmer of hope on the horizon

Fortunately, all is not lost. You may be able to take your head out of the sand for a little while and venture out online after all. James Toledano, COO of self-custodial web3 wallet, Unity Wallet, pointed out that, while AI may exacerbate the problem, it can also be harnessed for good. He wrote:

“This isn’t a losing battle. It’s a moment to strengthen the foundation. Self-custodial wallets remain inherently secure; most breaches result from deception, not technical failure. The solution begins with education: if in doubt, don’t engage.

Just as AI is being leveraged by bad actors, it also holds enormous potential as a defense, enabling real-time scam detection, user behavior monitoring, and adaptive threat response to restore confidence and drive safe web3 adoption.”

Edwards agrees, commenting:

“The tech is there to solve this. The good thing is it’s not like we have this problem and we don’t know what to do about it.”

One example of a project leveraging AI to combat fraud and scams is Algebra Labs, that’s building a new decentralized exchange (DEX) governed completely by bots. Co-founder Vladimir Tikhimorov provided some details, saying:

“We expect that AI will change many things about the industry, including threat detection and mitigation. When security can be automated to react in real-time rather than post-alert, often when funds have been stolen, we believe the future of digital assets will migrate towards these types of platforms rather than the ones that continue to go it the way they traditionally have.”

As crypto adoption accelerates and the technology matures, the shadows of crime remain an unavoidable threat. Yet with a mix of vigilance, user education, smarter security practices, and evolving technology like AI, there’s still a fighting chance of avoiding an online apocalypse. The race between defenders and attackers may be a relentless cat-and-mouse chase, but just remember who wound up with the cream.

The post The many faces of crypto crime and the relentless cat-and-mouse chase appeared first on CryptoSlate.



source https://cryptoslate.com/the-many-faces-of-crypto-crime-and-the-relentless-cat-and-mouse-chase/
Location:

Post a Comment for "The many faces of crypto crime and the relentless cat-and-mouse chase"