The security landscape across the crypto and blockchain space has changed dramatically over the past few months. Traditional smart contract exploits and brute-force attacks on blockchain networks have been replaced by crypto fraud such as rug pulls and pump-and-dump schemes.
BeInCrypto spoke with a spokesman for security company Certik to understand how blockchain and security threats are evolving, and how projects and users can protect against future exploits.
Social media is on the rise
Over the past few months, the crypto community has seen an increase in social media-related hacks. This increasingly common trend is moving away from the more sophisticated orchestration of blockchain attacks that have traditionally plagued headlines.
Smart contract exploits or blockchain hacks require more knowledge, but hackers have found an easier way by targeting social media accounts instead.
“Social media accounts have become an attractive target as they have a wide range of reach and trusted followers located in validated profiles. Compared to complex blockchain attacks, hijacking social media accounts can provide a massive spread of scams that are faster and less technically demanding.”
The accessibility of social media hacking has expanded the pool of malicious actors who can carry out these attacks.
“This trend could be partly due to a gap in skills between malicious actors. For example, drainers as a service have opened the door to scammers who don’t necessarily understand how to operate smart contracts.”
X (formerly Twitter) quickly became the social media platform of choice among Web3 hackers.
Social media is currently the main target of web3 hackers
After President Donald Trump launched a meme coin two days before he assumed office, hackers used the hype to hack famous X accounts and persuade their followers to invest in scam meme coins.
Last month, an anonymous hacker took over the X account of former Malaysian Prime Minister Mahathir Mohamad, promoting a Malaysian token.
The post was deleted within an hour, but the damage was done. Analysis shows that these hackers are probably linked to the infamous, evil Russian corporation, and stole $1.7 million from this rug pull.
“Given that X is the most popular crypto social media application, it makes sense that popular accounts on the platform aim to attract most casualties,” a Certik spokesman said.
The Malaysian token scam came just two weeks after hackers exploited former Brazilian president Jair Bolsonaro’s social media accounts. In that case, the con artist promoted Brazilian tokens, which rose more than 10,000% in minutes, netting the scammers more than $1.3 million.
These scams have also affected tech companies.
Attacks on high-tech companies
In December, AI research and development company Anthropic also had its X account hacked. The fraudulent post claimed that a fake token called Claude would encourage AI and crypto projects, and included wallet addresses aimed at investors.
The attacker was able to raise about $100,000 from speculative investors.
“The trends are realistic, and violations of accounts belonging to global leaders and tech companies emphasize that threat actors are targeting platforms with a wide range of influence, amplifying fraudulent cryptographic schemes. It reflects the changing tactics that are becoming the leading vector for encryption-related fraud.”
These situations also highlight the broader issue of weak account security on social media platforms. As a result, even prominent individuals are susceptible to security breaches that directly affect the crypto community.
The launch of Trump Memecoin was the catalyst for crypto fraud
After Trump’s launch, the frequency of socially engineered scams became clearer. In January, Ethereum co-founder Vitalik Buterin published a cathartic social media post that criticised Trump and meme coins.
“Now is the time to talk about the fact that a large political coin crosses further lines. They are not merely sources of enjoyment, their harm is harmful to mistakes made by voluntary participants, and is a means of unlimited political bribery from foreign states,” argued Buterin.
Buterin highlighted the role of tokens in enabling crypto fraud and political corruption, and denounced former SEC chair Gary Gensler for allowing bad actors to exploit governance tokens.
However, these crypto frauds go beyond political themes.
Growing social engineering exploits
A week after Buterin warned against political meme coins, Coinbase users lost $11.5 million after falling victim to a base’s social engineering scam.
Crypto sleuth ZachXBT revealed the exploit, noting that the incident is part of a growing trend, with multiple Coinbase users suffering similar losses. He also estimates that crypto fraud of this nature has drained at least $150 million from Coinbase customers.
“Coinbase has a serious fraud issue. I’ve revealed a recent theft from Coinbase users. The $150 million stolen from Coinbase users in a year is due to thefts I independently confirmed, and therefore more than a multiple of this number,” ZachXBT said.
In social engineering scams, attackers use phishing emails, spoofed calls, and other deceptive tactics to trick victims into revealing their private keys and login credentials. Once they gain access, they drain the victims’ wallets, move their funds, and take control of their accounts.
For Certik, these situations underscore the need for stronger security measures.
“The Web3 security platform has adapted beyond smart contract vulnerabilities, by expanding its focus to include broader threat detection, particularly around social engineering risks. Many people have integrated AI-driven surveillance tools to flag anomalous account activities, particularly on social media,” a spokesman said.
It is important to address these security challenges as new crypto projects grow exponentially.
Proactive security prioritization in fast-growing industries
The Web3 sector is experiencing consistent growth marked by a surge in launches of new crypto projects. This innovative momentum is expected to continue, but it has also fueled security concerns.
In particular, the rise in the rate of fraud and hacking in the first three months of 2025 reveals that security efforts are struggling to keep up with innovation.
The Priority Survey estimates that the Web 3.0 market will expand from USD 4.62 billion in 2025 to approximately USD 99.75 billion by 2034, with a forecast compound annual growth rate (CAGR) of 41.18% over that period.

Predicted size of the Web3 market over the next 10 years. Source: Priority research.
However, Certik believes that project developers are pushing security considerations towards the end of their priorities list.
“Despite the surge in new projects, compliance with appropriate audit protocols remains inconsistent. Some projects prioritize thorough smart contract audits, while others rush to the market and stand by security to take advantage of market trends to generate rapid profits,” a Certik spokesperson said.
Naturally, the huge increase in Web3 projects makes it even more difficult for security companies to meet the pace and breadth of demand.
“While there is growing awareness of the importance of audits, the pace of new launches often outperforms the capabilities of security companies, leading to such gaps. As a result, many projects emphasize the need for more standardized audit requirements across the space,” the spokesman concluded.
As the Web3 ecosystem evolves, a proactive and adaptive security approach is important. Prioritizing both blockchain integrity and social media vigilance is essential to protecting the growing Web3 ecosystem.
To fight against these exploits, we need a future where security is not an afterthought, but a fundamental pillar of all Web3 projects and user interaction.