The crypto business’s safety challenges reached a essential level in January 2026. A surge in refined phishing assaults and treasury breaches drained roughly $400 million from the ecosystem.
Knowledge from blockchain safety agency CertiK reveals that 40 recorded incidents value the crypto business roughly $370.3 million.
Single $284 Million Phishing Assault Dominates
Nevertheless, that determine climbs to over $400.3 million when accounting for a $30 million exploit of the Solana-based platform Step Finance on January 31.
Sponsored
Sponsored
CertiK reported {that a} singular, devastating social engineering rip-off, quite than advanced protocol hacks, outlined the month.
Combining all of the incidents in January we’ve confirmed ~$370.3M misplaced to exploits.
~$311.3M of the whole is attributed to phishing with one sufferer dropping ~$284M as a consequence of a social engineering rip-off.
Extra particulars under 👇 pic.twitter.com/uXhi0P6dl5
— CertiK Alert (@CertiKAlert) January 31, 2026
A lone investor misplaced $284 million on January 16 after a phishing marketing campaign concentrating on a {hardware} pockets. The theft represented roughly 71% of the month’s adjusted whole losses.
The attacker, impersonating Trezor buyer assist, manipulated the sufferer into revealing a restoration seed phrase. The heist resulted within the fast theft of 1,459 Bitcoin and a pair of.05 million Litecoin.
The fast aftermath of the Trezor-related heist noticed a large rotation of stolen belongings into Monero (XMR), a privacy-focused token that obscures transaction historical past.
This high-volume conversion triggered a rally in Monero’s market worth. The worth motion underscores the persistent challenges regulators face in addressing using privateness cash to facilitate illicit capital flight and cash laundering.
On the technical facet, good contract vulnerabilities proceed to take a big chew out of the market. Truebit reported a $26.6 million loss as a consequence of an overflow vulnerability, the month’s largest direct assault on a protocol’s code.
Different notable victims included Swapnet, which misplaced $13 million. DeFi protocols Saga and Makina Finance additionally misplaced $6.2 million and $4.2 million, respectively.
The Step Finance breach concerned draining a number of treasury and charge wallets through a “well-known attack vector,” ensuing within the motion of 261,854 SOL.
Earlier at present a number of of our treasury wallets had been compromised by a classy actor throughout APAC hours. This was an assault facilitated via a well-known assault vector.
Fast remediation steps have been taken, and we’re working carefully with high safety professionals.…
— Step☀️ (@StepFinance_) January 31, 2026
Because the business enters February, these figures function a stark reminder that even probably the most strong {hardware} encryption is ineffective when user-level safety is bypassed.
