Crypto Hacks Explode: $370 Million Stolen In January Alone: Researchers
The begin of this 12 months introduced a tough reminder: folks stay the weakest hyperlink. Reports be aware that roughly $370 million in crypto have been taken in January, a pointy climb from earlier months.
That surge was pushed principally by one large social-engineering con that emptied a single sufferer of about $284 million. Simple lies and well-crafted messages beat code this time.
Phishing Dominates Losses
According to CertiK, phishing-style scams grabbed about $311 million of the January haul. That means most losses got here from attackers tricking customers and insiders reasonably than breaking cryptographic methods.
Social stress, faux hyperlinks, and impersonation have been used to push victims into transferring funds. People clicked. Money moved. Accounts have been drained.
A Bigger Picture Of Monthly Swings
Based on studies, January’s complete is almost 4 occasions the $98 million stolen in January 2025 and greater than triple December’s near $118 million.
The month is the most important since February 2025, when roughly $1.5 billion was taken, most of that tied to the massive Bybit heist.
Those large occasions present how a single breach or rip-off can tilt a whole month’s tally. Numbers can look calm one month and explosive the following. That unpredictability retains wallets and treasuries on edge.
Combining all of the incidents in January we’ve confirmed ~$370.3M misplaced to exploits.
~$311.3M of the entire is attributed to phishing with one sufferer dropping ~$284M attributable to a social engineering rip-off.
More particulars under
pic.twitter.com/uXhi0P6dl5
— CertiK Alert (@CertiKAlert) January 31, 2026
Major Technical Exploits Hit Treasuries
PeckShield flagged a number of giant protocol assaults. Step Finance misplaced almost $29 million after treasury wallets have been compromised and over 261,000 SOL vanished.
Truebit suffered a $26.4 million hit when a wise contract flaw allowed near-free minting, which additionally crushed its token worth.
SwapNet and Saga have been amongst different victims, with losses round $13.3 million and $7 million respectively. Those hacks have been technical, aggressive, and quick.
#PeckShieldAlert In Jan. 2026, the crypto area noticed 16 hacks totaling $86.01M in losses, representing a slight 1.42% YoY lower in comparison with Jan. 2025 ($87.25M) however a notable 13.25% MoM surge from Dec. 2025 ($75.95M).
Meanwhile, #phishing stays staggering with losses… pic.twitter.com/pxugbsPcZ7
— PeckShieldAlert (@PeckShieldAlert) February 1, 2026
Why This Matters Now
Reports say there have been 40 exploit and rip-off incidents over January, although the majority of worth misplaced was concentrated in a number of circumstances.
That sample means the uncooked depend of incidents doesn’t inform the entire story; a single, well-executed con can dwarf many smaller breaches mixed. Some months will present many small thefts. Other months can be outlined by one monumental fraud.
What Needs To Change
Security groups and mission treasuries should tighten each human and technical safeguards. More rigorous pockets controls, staged approvals, and stronger id checks would blunt social-engineering strikes.
At the identical time, impartial code audits and faster response plans can restrict harm from sensible contract bugs. Education applications for employees and customers are low cost in contrast with the price of a single giant loss.
The current spike is a transparent message: attackers are mixing social ability with technical know-how. The playbook now typically begins with a message in a chat app or an e-mail, then turns into code-level theft.
Patching software program helps. Teaching folks learn how to spot scams will cease many assaults earlier than they ever attain the code.
Featured picture from Shutterstock, chart from TradingView