SlowMist Highlights Threats Targeting Crypto Users, from Social Engineering Scams to Malicious Browser Extensions

The cryptocurrency ecosystem is fraught with sophisticated scams and vulnerabilities. Blockchain security firm SlowMist has recently highlighted several critical threats targeting crypto users, from social engineering scams to malicious browser extensions and large-scale hacks.

These incidents underscore the urgent need for vigilance and robust security practices in the Web3 space.

In a recent report, SlowMist revealed a surge in social engineering scams targeting Coinbase users, costing an estimated $300 million annually.

These scams exploit trust by impersonating customer support, often through phishing emails, fake websites, or fraudulent phone calls.

Attackers trick users into revealing sensitive information like login credentials or seed phrases, leading to asset theft.

SlowMist emphasizes the importance of verifying communications through official channels and staying cautious of urgent demands, as scammers prey on panic to bypass skepticism.

The firm is also collaborating with DeFiHackLabs and ScamSniffer to launch a Web3 phishing simulation platform, designed to train users in recognizing and defending against such attacks in a risk-free environment.

On May 22, 2025, Cetus, a decentralized exchange in the SUI ecosystem, suffered a devastating $230 million hack due to a mathematical overflow vulnerability.

SlowMist’s analysis pinpointed the flaw in the “checked_shlw” function, which allowed an attacker to manipulate parameters and extract billions in liquidity using just one token.

This sophisticated attack highlights the critical need for rigorous validation of mathematical functions in smart contract development.

SlowMist advises developers to thoroughly test boundary conditions to prevent similar exploits.

The incident serves as a stark reminder that even minor oversights in code can lead to catastrophic losses in the decentralized finance (DeFi) space.
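The boundary-condition testing advised above can be made concrete. The following is an added example, not code from SlowMist's report or from the Cetus contracts: it models a checked left shift on a fixed-width integer and probes both sides of the overflow edge. The 256-bit width, the 64-bit shift, and the flawed `loose_checked_shl` variant are constructed assumptions for illustration.

```python
# Added example: models fixed-width arithmetic with Python integers.
# WIDTH and SHIFT are assumptions for illustration, not values from the report.
WIDTH = 256
SHIFT = 64


def checked_shl(n, shift=SHIFT, width=WIDTH):
    """Return (n << shift, overflowed); overflowed is True if any set bit is shifted out."""
    if not 0 <= n < (1 << width):
        raise ValueError("n does not fit in the word")
    limit = 1 << (width - shift)  # smallest n whose shifted value needs > width bits
    if n >= limit:
        return 0, True
    return n << shift, False


def loose_checked_shl(n, shift=SHIFT, width=WIDTH):
    """Constructed flawed variant: the threshold is far too high, so some inputs wrap silently."""
    threshold = ((1 << shift) - 1) << (width - shift)
    if n > threshold:
        return 0, True
    return (n << shift) & ((1 << width) - 1), False  # fixed-width wraparound


def boundary_cases(shift=SHIFT, width=WIDTH):
    """Inputs on both sides of the overflow edge, plus the extremes."""
    limit = 1 << (width - shift)
    return [0, 1, limit - 1, limit, limit + 1, (1 << width) - 1]


def silent_overflows(fn, shift=SHIFT, width=WIDTH):
    """Boundary inputs where fn reports success but the result is not the exact product."""
    bad = []
    for n in boundary_cases(shift, width):
        result, overflowed = fn(n, shift, width)
        if not overflowed and result != n << shift:
            bad.append(n)
    return bad


if __name__ == "__main__":
    print("correct check misses:", silent_overflows(checked_shl))
    print("loose check misses:  ", [hex(n) for n in silent_overflows(loose_checked_shl)])
```

A test suite that only exercises small values and the maximum value passes both versions; only the inputs at and just above the edge expose the loose check.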

Recently, SlowMist uncovered a malicious browser extension named Osiris, posing as a Web3 security tool.

Flagged by X user @0xmaoning, Osiris was found to replace legitimate download links with malicious ones, leading to the installation of harmful software that stole cryptoassets.

SlowMist’s investigation, aided by community reports from users like @Onefly_eth, confirmed the extension’s deceptive tactics.

The firm advises users to avoid installing unknown extensions, use trusted antivirus software, and remain wary of unsolicited recommendations.

This case underscores the risks of browser extensions, which can be as dangerous as executable files if not vetted properly.

In a significant win for cybersecurity, the U.S. Department of Justice dismantled LummaC2, a notorious malware-as-a-service operation, as detailed in SlowMist’s report.

LummaC2 enabled cybercriminals to deploy malware for crypto theft, affecting countless users.

The DOJ’s seizure disrupted this illicit network, but SlowMist warns that similar services continue to emerge.

The firm recommends robust antivirus protection and regular system scans to detect and remove such threats.

This operation highlights the growing sophistication of malware markets and the need for coordinated global efforts to combat them.

SlowMist also exposed a scam involving a fake security expert who deceived crypto users by posing as a trusted authority.

Detailed in a new report, the scammer used fabricated credentials to gain trust, then manipulated victims into compromising their assets through fraudulent advice or malicious links.

SlowMist’s analysis emphasizes the importance of verifying the legitimacy of security professionals and avoiding unsolicited advice.

This case illustrates how scammers exploit the crypto community’s desire for trusted guidance, turning expertise into a weapon.

These incidents, ranging from social engineering to technical exploits, reveal the multifaceted threats in the crypto ecosystem.

SlowMist’s recommendations—verifying identities, auditing smart contracts, avoiding untrusted software, and using antivirus tools—are critical for users and developers.

Their upcoming phishing simulation platform and resources like the Blockchain Dark Forest Selfguard Handbook aim to empower users with knowledge and practical defenses.


