January Crypto Theft Soars to $370M, Marking Four-Fold Increase Year-Over-Year: CertiK
January's cryptocurrency theft figures represent a 214% surge compared to the previous month, with the lion's share of stolen funds attributed to one phishing attack targeting a single victim.
Cryptocurrency losses from scams and exploits climbed to $370.3 million throughout last month, representing the most substantial monthly total recorded in 11 months and marking an almost quadruple increase compared to January 2025.
According to a Saturday announcement from blockchain security firm CertiK, among the 40 incidents involving exploits and scams documented throughout January, the bulk of stolen value originated from a single victim who suffered losses of approximately $284 million through a social engineering attack.
Phishing scams were responsible for a substantial share of the total $370 million-plus in stolen cryptocurrency, accounting for $311.3 million in losses throughout the month.
The January numbers represent the most significant monthly cryptocurrency loss since February 2025, during which bad actors successfully stole approximately $1.5 billion in total throughout the month, with the majority stemming from the $1.4 billion compromise of cryptocurrency exchange Bybit, based on CertiK's data.
The most recent data shows a greater than 277% surge compared to January 2025, when bad actors successfully stole $98 million. Additionally, it represents a 214% rise from December, during which crypto theft losses totaled $117.8 million, according to CertiK's findings.
Step Finance, Truebut attacks among largest hacks
Blockchain security firm PeckShield reported on Sunday that Saturday's Step Finance compromise represented the month's most significant hack.
The attack on the decentralized finance portfolio tracking platform resulted in the theft of approximately $28.9 million, during which multiple treasury wallets belonging to the platform were breached, resulting in the loss of more than 261,000 Solana (SOL) tokens.
The second-most significant exploit during the month was the $26.4 million compromise of the Truebit protocol occurring on Jan. 8, during which an attacker exploited a vulnerability in a smart contract to mint tokens at virtually no expense, simultaneously causing the Truebit (TRU) token price to plummet.
PeckShield additionally highlighted the $13.3 million breach targeting liquidity provider SwapNet on Jan. 26 and the $7 million attack against blockchain protocol Saga on Jan. 21.
According to the security company, January witnessed a total of 16 hacks, resulting in combined losses of $86.01 million, representing a 1.42% decline compared to the same period one year earlier, though marking a more than 13% increase from December.