It depends.
You can't fake blockchain transactions just like that because all nodes have to agree on transactions.
In theory you could do a 51% attack on the smaller blockchains. But 51% attacks are not very profitable for criminals because there will always follow a liquidity crash and they are very expensive and hard to perform.
Cyber criminals will rather try to steal crypto from people instead of attacking the blockchain itself. Because they are trying to take the path of the least resistance with highest payout. You would be surprised how much people don't have 2fa authentication turned on and use the same password for different type of accounts. On the darkweb you can buy huge password lists of accounts that have been previously breached. There are specialized botnets in existence that can empty accounts on exchanges like this.
You can use this site to see if you have ever been hacked: https://haveibeenpwned.com/
Being hacked on an exchange can easily been prevent by using different passwords for all your accounts and always turn 2FA on. (Don't use SMS based 2FA)
Another great way cyber criminals use to steal crypto is with ransomeware. Or more common things like phishing for example.
That makes much more sense than trying to fake transactions on a blockchain.