AI-Powered Phishing Scams and Hidden Exploits Threaten Web3 Security

TL;DR

• AI-driven phishing scams and automated exploits caused losses exceeding $45.8 million in October.
• SBI Crypto lost $21 million in an attack showing laundering patterns similar to those of the Lazarus Group.
• Honeypot tokens surged 600% month over month, with more than 2,100 cases detected.

AI-driven phishing scams and hidden exploits are testing the limits of Web3 security. SBI Crypto lost $21 million in an attack with laundering patterns resembling North Korean hacker operations, while a wave of automated fraud targeted thousands of users across Ethereum, BNB Chain, and Base.

Web3 is entering a critical stage. Cyberattacks are becoming more sophisticated, using artificial intelligence, automation, and large-scale social engineering tactics. According to GoPlus Security, users lost over $45.8 million in October alone to scams, exploits, and wallet breaches.

Automated and Large-Scale Scams

The most drastic shift comes from automated phishing. “Phishing-as-a-Service” platforms now allow attackers to clone legitimate interfaces and launch large-scale campaigns at low cost. The most severe case was GMGN, where 107 users approved fake transactions after visiting a cloned site, resulting in losses exceeding $700,000. Two other incidents caused $325,000 and $440,000 in losses after users unknowingly signed fraudulent commands.

Meanwhile, exploits tied to money-laundering tactics are escalating across Web3. The SBI Crypto breach led to a $21 million loss in BTC, ETH, LTC, DOGE, and BCH. Although the company did not confirm the source, a joint investigation by ZachXBT and Cyvers found similarities with North Korean hacker groups. The stolen funds were moved through Tornado Cash, a crypto mixer, in a scheme reminiscent of the Lazarus Group’s operations.

New Tools and Greater Awareness Are Needed

The surge in honeypot tokens adds another layer to this troubling picture. These contracts allow users to buy tokens but block selling or withdrawals, trapping their funds. Around 2,189 such tokens were detected in October—a 600% monthly increase. Most were deployed on BNB Chain, with 1,780 cases, while Ethereum and Base recorded 216 and 131, respectively.

The attacks have also spread to social media and decentralized platforms. Astra Nova lost $10.3 million after its official account was hacked, while Garden Finance suffered a vulnerability that cost users about $10.8 million.

The attack surface in Web3 is expanding at an alarming pace. Artificial intelligence, contract-level exploits, and compromised accounts have created a new threat frontier—one where the risks no longer stem solely from code but from user trust itself