February 27 News, blockchain security firm TRM Labs released a report stating that AI cryptocurrency scams have surged by approximately 500% over the past year. The widespread adoption of generative artificial intelligence and large language models (LLMs) has enabled highly automated phishing, identity impersonation, and money laundering processes, significantly increasing the scale and speed of attacks.
The report highlights that hackers use AI to mass-produce phishing emails, fake investment websites, and highly realistic chatbots, enhancing engagement through personalized messaging, and leveraging translation tools to spread across languages. Deepfake audio and video technology is used to impersonate corporate executives or public figures, accelerating trust-building in “pig butchering” scams and romance frauds. Machine learning models can also automatically test stolen accounts, scan mnemonic phrases and private keys, and even identify smart contract vulnerabilities, enabling quick fund theft.
Recent cases underscore the rising risks. A crypto whale lost 1,459 Bitcoin and 2.05 million Litecoin—worth up to $282 million—due to social engineering attacks. U.S. law enforcement also seized over $61 million in Tether in North Carolina, with the funds linked to cross-border money laundering.
Data shows that illegal crypto transactions are projected to reach $158 billion in 2025, a 145% increase year-over-year, with about $30 billion related to scams. Chainalysis reports that AI-driven scam operations generate 4.5 times more revenue per incident than traditional scams, with daily transaction volumes nine times higher. Vectra AI disclosed a 1,210% increase in AI scam cases.
Security agencies emphasize that, in response to the escalation of AI cryptocurrency scams, defenses must also deploy automated monitoring and on-chain analysis tools. As attack lifecycles accelerate across the board, the digital asset security ecosystem faces a new wave of technological confrontation.
Disclaimer: The information on this page may come from third parties and does not represent the views or opinions of Gate. The content displayed on this page is for reference only and does not constitute any financial, investment, or legal advice. Gate does not guarantee the accuracy or completeness of the information and shall not be liable for any losses arising from the use of this information. Virtual asset investments carry high risks and are subject to significant price volatility. You may lose all of your invested principal. Please fully understand the relevant risks and make prudent decisions based on your own financial situation and risk tolerance. For details, please refer to
Disclaimer.
Related Articles
Drift Protocol: begins developing a recovery plan, participates in the STRIDE security program
Drift Protocol is developing a recovery plan to stabilize the situation and protect affected users, and to participate in the STRIDE security program by the Solana Foundation. This attack was orchestrated by a North Korean intelligence organization named AppleJeus, involving social engineering and technical infiltration, resulting in an estimated loss of about $285 million in funds, highlighting that the DeFi ecosystem faces major security challenges.
MarketWhisper38m ago
Drift Protocol announced a hacker incident recovery plan and will participate in the Solana Foundation STRIDE security mechanisms
Gate News update: On April 8, Drift Protocol posted an update on the incident response process for the hack. Drift said that it is currently actively working with asymmetric research and OtterSec to develop a coordinated and aligned recovery plan. At this stage, the primary focus is to stabilize the situation and provide protocol-level assurances for all affected users and partners. In addition, Drift will participate in a security mechanism under the Solana Foundation.
GateNews43m ago
DoorDash accounts became a vulnerability in an encryption wrench attack; three suspects have been charged
Three men were indicted for participating in a crypto wrench attack. The method used in the crime involved using stolen delivery-app account credentials to get close to the victims, and then threatening them with violence to force them to transfer their crypto assets. This type of attack is not limited to San Francisco and has become a global problem, threatening the safety of cryptocurrency holders. Prevention recommendations include not disclosing holdings information, using different receiving addresses, and enabling two-factor authentication.
MarketWhisper48m ago
Posting about crypto for the first time requires verification! X rolls out new anti-scam rules to prevent hackers from stealing accounts and promoting scam tokens
Community platform X is rolling out a mandatory verification mechanism for cryptocurrency content to address increasingly severe scam problems. The mechanism will lock an account when it is first mentioned for cryptocurrency, requiring users to complete identity verification. According to data, crypto scams in 2025 are expected to reach $17 billion, and social platforms have become an important source of scams. The new measure is intended to reduce the success rate of scams carried out by hackers using high-trust accounts; however, scam activity is still rapidly expanding, and prevention efforts face challenges.
CryptoCity1h ago
Solana ecosystem DEX Stabble urges LPs to withdraw funds after discovering that a former employee is a North Korean–national developer
Solana decentralized exchange Stabble issues an emergency notice urging liquidity providers to withdraw funds due to a security risk involving a former North Korean employee. The warning was disclosed by on-chain investigator ZachXBT, in the context of a U.S. warning about the infiltration of North Korean technical personnel. Stabble emphasizes that no attack has happened yet and will conduct a new security audit.
GateNews2h ago
Stabble sparks scandal involving North Korean employees, urgently urging LPs to withdraw liquidity as a hedge
Solana ecosystem decentralized exchange Stabble issued an emergency notice on April 8 due to warnings triggered by an association involving a North Korean developer, which raised concerns that liquidity providers may withdraw funds. Although no smart contract vulnerabilities or fund losses were found, the incident reflects the long-term threat of North Korean technical personnel infiltrating the crypto industry and exposes the risk of identity checks for project developers. Stabble plans to conduct a new round of security audits to ensure the safety of funds.
MarketWhisper2h ago
