• SBI Crypto was breached, losing $21 million in assets via a suspected laundering operation.
• A phishing scam targeting GMGN tricked 107 users into approving fake transactions.
• Honeypot token scams rose 600% month-on-month, with over 2,100 tokens detected.

Web3 has entered a new phase of cyber threats, with attackers now leveraging artificial intelligence, automation tools, and complex social engineering to exploit users across decentralised networks.

According to GoPlus Security, over $45.84 million was lost in October alone from a surge of scams, phishing attacks, token exploits, and wallet hacks.

The data reveals how scammers are evolving their methods, creating high-impact exploits that have affected thousands of users and platforms across Ethereum, Binance Smart Chain, and Base.

Hackers use AI and automation to boost phishing campaigns

GoPlus observed a sharp increase in phishing attacks that led to more than $3.5 million in losses.

A growing number of these scams are powered by “Phishing-as-a-Service” platforms, where threat actors use AI tools to rapidly generate fake websites and deploy large-scale campaigns with lower operational costs.

One of the largest phishing cases involved the trading platform GMGN.

In this incident, 107 users were misled by a fake third-party website into authorising harmful transactions. Losses totalled more than $700,000.

The phishing scam replicated legitimate wallet interactions, tricking victims into signing approval requests that gave attackers control over their funds.

In another case, a trader approved a malicious “increaseAllowance” command, resulting in a $325,000 loss in Coinbase Wrapped Bitcoin.

Separately, another user was hit with a $440,000 loss after signing a fraudulent “permit” transaction.

Both exploits highlight the rise in fake contract approvals, often enabled by deceptive interfaces mimicking trusted apps.

Sophisticated exploits linked to state-style laundering tactics

The single largest exploit came from SBI Crypto, which suffered a breach that drained $21 million worth of digital assets. The losses included Bitcoin, Ethereum, Litecoin, Dogecoin, and Bitcoin Cash.

Although SBI Crypto did not officially confirm the source of the breach, a joint investigation by ZachXBT and Cyvers suggested patterns similar to those used by North Korean hacker groups.

The attackers allegedly funnelled funds through Tornado Cash, a known crypto mixer previously sanctioned for its role in laundering state-sponsored thefts.

This laundering method closely mirrors activity linked to the Lazarus Group, though the report stressed that the connection remains unverified.

Web3 platforms under attack from honeypot tokens

Alongside phishing and exploits, the report found a dramatic spike in honeypot tokens.

These are malicious smart contracts that allow users to buy tokens but prevent them from selling or withdrawing funds.

Honeypot tokens surged 600% last month, reaching 2,189 identified tokens—though still far fewer than the 40,000 recorded in June 2025.

The Binance Smart Chain accounted for the bulk of these tokens at 1,780, followed by 216 on Ethereum and 131 on Base.

These tokens are embedded with hidden restrictions that block transactions, stranding investor funds in illiquid assets.

Their increase underscores a shift toward embedded contract-level fraud, which can bypass basic security tools.

Tokens and socials compromised in wider exploits

The wider ecosystem also saw losses from social media and platform-based breaches.

Astra Nova’s official social account was hijacked, triggering a large-scale sell-off of its native token RVV and causing losses of approximately $10.3 million.

In a separate exploit, decentralised finance platform Garden Finance was hit with a vulnerability that cost users around $10.8 million, according to ZachXBT.

These incidents reflect a widening surface of attack across both user-facing interfaces and backend contract code.

The on-chain ecosystem of Ethereum has recently been rocked by a wave of scams and rug pulls, creating a period that many are describing as a bloodbath. While the underlying technology of the ETH blockchain remains robust and secure, the sheer volume of malicious projects and deceptive schemes is taking a significant toll on retail investor confidence.

Is Ethereum Still The Home Of DeFi Innovation?

The Ethereum on-chain ecosystem has been plagued by scams and rug pulls, resulting in significant financial losses and, more importantly, a decline in retail investor confidence. Analyst known as Fat Tony on X  has expressed deep frustration that BOOE hasn’t gotten more support from Ethereum’s own community, possibly due to the wave of malicious acts on the ETH ecosystem.

Related Reading

He highlighted the Book of Ethereum (BOOE) as an exemplary project that embodies what ETH is supposed to stand for and distinguishes itself through several key characteristics. No Paid KOLs as the project has not relied on paid crypto influencers for promotion, which is a common tactic used by fraudulent projects to pump their tokens. 

With a resilient community, BOOE has built its foundation on a strong and organic community, a sign of a project with genuine, grassroots support. A generous team, which he praises for its generosity and ethical approach, stands in stark contrast to the greed of scam artists.

Furthermore, Tony notes that numerous high-profile ETH founders and accounts are interacting with the project, which, in his view, is becoming expected at this point. Thus, he encourages the ETH community to support BOOE, which actually stands for something, and to move away from a speculative mindset of max extraction with zero vision.

How The ETH Ecosystem Must Fight Back

While scams and rug pulls are eroding retail confidence, investor Sassal0x, founder of Thedailygwei, has also revealed a scathing critique of Ethereum’s competitor chains, accusing them of engaging in a desperate strategy of lawfare to stifle the growth of ETH’s Layer 2 solutions. In his view, this is not a sign of strength but a clear admission of weakness.

Related Reading

According to Sassal0x, the overwhelming adoption of ETH L2s demonstrates their superiority in the free market, a reality that has left competitors with no viable path to challenge ETH’s dominance.

The analyst notes that this new, underhanded strategy comes after a long period of failed FUD (fear, uncertainty, and doubt) campaigns. Since misinformation has proven ineffective in slowing down L2 growth, competitors are now resorting to using nation-state governments to kill their competition.

As a result, Sassal0x concludes with a powerful call to action for the Ethereum community. Instead of being complacent, the ETH ecosystem must fight back against this as much as we can.

Featured image from Adobe Stock, chart from Tradingview.com