Even with improved tools, scams and technical weaknesses continue to expose users and platforms to risk
Crypto-related theft surged sharply in January, with losses climbing far above the figures recorded in December. Data from blockchain security firms shows attackers walked away with roughly $370 million worth of digital assets, marking the highest monthly total in nearly a year and a dramatic jump from the prior month.
According to CertiK, the spike was driven largely by a single social engineering incident that cost one victim close to $284 million. While there were about 40 reported exploits and scams during the month, that one case accounted for most of the damage. Phishing schemes were the most common attack type, responsible for more than $311 million in stolen funds.
The January total represents a 214% increase from December, when losses stood near $118 million. Compared with January of the prior year, theft levels were up more than 277%. The last time losses were higher was February 2025, a month heavily impacted by a major exchange breach that alone exceeded $1 billion.
Other notable incidents added to the month’s grim tally. PeckShield reported that the largest technical exploit involved Step Finance, where attackers compromised treasury wallets and drained nearly $29 million, mostly in Solana tokens. Another significant case hit the Truebit protocol after a smart contract flaw allowed tokens to be created at minimal cost, leading to losses of more than $26 million.
Additional attacks included a $13 million breach of liquidity provider SwapNet and a $7 million exploit targeting the Saga blockchain. PeckShield counted 16 hacking incidents overall in January, totaling about $86 million. While that figure was slightly lower than a year earlier, it still showed a clear rise from December.
