BTC
$0.00
0.00%
In August 2025, renowned NFT artist Princess Hypio fell victim to a sophisticated attack involving social engineering. The artist, who works in the field of non-fungible tokens, lost approximately $170,000 in tokens and NFTs after accepting a “game collection” linked to Steam from someone she considered her best friend. Using malicious software—a Trojan program—hackers gained access to her digital assets.
As a result, fraudsters are increasingly less likely to attack the blockchain itself. Instead, attackers exploit human trust and curiosity in various communities, not just thematic ones. According to analytical data, in the first half of 2025, social engineering accounted for 15% of all losses from crypto fraud.
The attack mechanism seems simple but is extremely effective. Attackers infiltrate gaming or crypto servers on Discord, posing as friendly participants. They then send links to “playtest” or “try my game.” Sometimes it looks like a real, legitimate project on Steam, sometimes like a file on a fake server. Once installed, the program secretly installs malicious software that steals crypto wallet credentials, session cookies, and Discord login details. As a result, fraudsters gain complete control over the victim's digital assets and accounts.
Artist Princess Hypio, who was very active in digital art and had a significant NFT collection, has become one of the most high-profile victims this year. Her story is a vivid example and demonstrates to the general public how costly a single mistake in the digital environment can be.
Cybersecurity experts emphasize that such attacks are becoming increasingly diverse. Whereas previously fraudsters focused on Discord communities, they now also actively masquerade as support services for hardware wallet manufacturers. For example, in the spring of 2025, there was a wave of phishing emails purportedly from Ledger. The messages urged users to urgently provide their secret recovery phrases for a “critical security update.” Those who fell for the scam effectively lost control of their assets.
Cybersecurity experts urge users to be as cautious as possible: do not install questionable programs, check the sources of links, and never share your keys or recovery phrases. After all, modern fraudsters no longer work with technology, but with the weakest link in the world of cryptocurrency — human trust.