The value of stolen cryptocurrency soared to $370.3 million in January, a staggering increase nearly four times higher than the same month last year. According to CertiK, this figure marks the highest monthly theft in nearly a year, as malicious actors exploited vulnerabilities and scams.
In total, there were 40 reported incidents of exploits and scams throughout January. Notably, one victim alone incurred losses of approximately $284 million due to a sophisticated social engineering scam. Phishing schemes played a significant role in the overall thefts, accounting for roughly $311.3 million of the total losses.
This spike in thefts represents a more than 277% increase compared to January of the previous year, when losses were reported at $98 million. Additionally, the figures indicate a 214% rise from December”s losses, which totaled $117.8 million, as per CertiK”s analysis.
Major Hacks Drive Losses
Among the most significant hacks reported in January was the breach of Step Finance, which resulted in the theft of around $28.9 million. The attack compromised several treasury wallets associated with this decentralized finance portfolio tracker, leading to the theft of over 261,000 Solana (SOL).
Following closely was the $26.4 million hack of the Truebit protocol on January 8, stemming from a flaw in its smart contract that allowed the attacker to mint tokens with minimal costs, subsequently crashing the value of the Truebit (TRU) token.
Other notable breaches included a $13.3 million hack of the liquidity provider SwapNet on January 26 and a $7 million exploit against the blockchain protocol Saga on January 21. In total, there were 16 hacks reported for the month, which resulted in losses totaling $86.01 million; this reflects a minor 1.42% decrease year-over-year but represents more than a 13% increase from December.
The alarming rise in cryptocurrency theft underlines the ongoing security challenges faced by users and platforms in the digital asset space. As scams and exploits become increasingly sophisticated, the need for robust security measures and user awareness has never been more critical.
