Hackers Exploit Humans, Not Code: Crypto's Evolving Security Crisis

Generated by AI AgentCoin World
Friday, Oct 10, 2025 8:39 am ET1min read
CYBER
--
BTC
--
BNB
--
CAKE
--
Aime RobotAime Summary

- Binance founder CZ received a Google alert about a state-sponsored hacking attempt on his account, attributed to North Korea's Lazarus Group.

- North Korean hackers stole $2B in crypto assets in 2025 alone, with Lazarus Group responsible for major breaches including the $1.5B Bybit hack.

- Experts warn of a shift to social engineering attacks, emphasizing human vulnerabilities over technical flaws in crypto security.

- Industry calls for stronger measures like 2FA and password rotation, as Binance-linked breaches highlight persistent risks in 2025.

Binance founder Changpeng Zhao (CZ) has received a security alert from Google warning of a potential state-sponsored hacking attempt targeting his personal account, sparking renewed concerns over

cyber
threats in the cryptocurrency sector. The alert, shared via CZ's official X account, cited "government-backed attackers" attempting to steal his password. While CZ humorously speculated about the involvement of North Korea's Lazarus Group, he emphasized that his account did not hold sensitive data, urging the community to remain vigilant Google Issues CZ Hack Alert: Who’s Behind This Attack?[1].

Google's threat notifications, typically reserved for high-risk users, suggest a possible probe by Lazarus Group, a North Korea-linked hacking collective. This incident aligns with a broader trend of state-sponsored cyberattacks increasingly targeting high-profile crypto figures and institutions. In 2025 alone, North Korean hackers have stolen over $2 billion in crypto assets, according to blockchain analytics firm Elliptic, marking the largest annual total on record and lifting the regime's cumulative known haul to $6 billion Cz Gets Google Warning of State-Actor Hack – Lazarus Now Targeting Crypto Execs?[2]. The Lazarus Group was implicated in the February $1.5 billion Bybit hack-the largest cryptocurrency theft to date-and has since targeted platforms like WOO X, LND.fi, and Seedify State Hackers Are Now Targeting Crypto Elite — Even CZ Gets a Google Alert[3].

Experts highlight a strategic shift in tactics by North Korean hackers, who now prioritize social engineering over technical exploits. Unlike past attacks that exploited vulnerabilities in crypto infrastructure, modern campaigns focus on manipulating individuals to gain access to accounts or sensitive data. Elliptic noted that 2025's losses were driven largely by such methods, underscoring that "the weak point in cryptocurrency security is increasingly human, rather than technical" Record year for North Korean crypto hackers[4].

CZ's alert has amplified industry-wide calls for stronger personal and institutional cybersecurity measures. Analysts recommend rotating passwords, enabling two-factor authentication via authenticator apps, and monitoring linked devices for unauthorized sessions. CertiK data also revealed a rise in successful social-engineering breaches in Q3 2025, despite a 37% decline in total crypto losses compared to the previous quarter Crypto Jargon Advises CZ Followers on Security Measures[5].

The incident follows a surge in security incidents linked to Binance and its ecosystem, including a $91 million

Bitcoin
phishing scam and a $13,000
BNB
Chain hack. While no losses were reported in the recent
PancakeSwap
X account breach, the pattern of attacks highlights the persistent risks faced by crypto leaders and platforms.