Crypto Theft Reached $370M in January, Up Nearly 4x Year-on-Year: CertiK

Crypto theft surged in January 2026, with losses totaling . According to reports from blockchain security firm CertiK, the increase is nahead four times higher than in January 2025. The sharp year-on-year increase highlights that threats from hackers, scammers, and malicious actors remain a persistent danger in digital asset markets, even as developers and platforms invest in improved security tools and monitoring.

This spike in crypto theft comes amid continued growth in decentralized finance (DeFi) products, cross-chain bridges, and tokenized ecosystems. While these features are innovative, they can introduce technical and operational risk to the broader crypto ecosystem, causing security experts to warn that, as crypto adoption broadens, crypto thefts are also becoming more sophisticated in targeting fragile links. 

Crypto Thefts Via Hacks, Phishing, and Smart Contracts Drive January Losses

According to CertiK’s January threat report, the $370 million in stemmed from a diverse set of attacks, including smart contract exploits, phishing campaigns that tricked unsuspecting users, and unauthorized wallet access via credential compromise. Smarter attackers are increasingly combining social engineering with technical exploits to maximize their take, often moving rapidly to obfuscate stolen funds through mixers and .

Smart contract exploits, where vulnerabilities in decentralized applications (dApps) are discovered and abused, accounted for a significant portion of the total. Many DeFi protocols rely on complex composable code, and even small logic flaws or mispriced arithmetic operations can open doors for attackers. Some incidents involved flash loan strategies that manipulated pricing or liquidity parameters long enough to drain assets before security measures could react.

Phishing attacks also spiked, with hackers designing convincing spoof sites or sending malicious wallet-interaction prompts via social channels. Once a user signs a malicious transaction, the attacker can drain the connected wallet immediately. Wallet credential theft contributed further to January’s tally. Once credentials are breached, attackers have free access to assets unless multi-factor authentication (MFA) or hardware wallet protections are in place.

Perpetrators Continue to Circumvent Security Measures

In response to the January crypto theft reports, security providers like CertiK have expanded automated vulnerability scanning, real-time threat alerts, and on-chain monitoring tools that can flag unusual contract behavior. Some platforms now integrate directly into user interfaces, alerting users when a contract they are about to interact with has unresolved issues.

Despite these efforts, attackers appear undeterred. As the value locked in DeFi products and tokenized ecosystems grows, so too does the incentive for sophisticated criminal operations to probe for fragile points. Some security analysts warn that as AI-driven code analysis and automated exploit tools mature, the speed at which vulnerabilities can be found will increase unless defensive tooling catches up.

As platforms and regulators push for stronger security standards and risk-mitigation frameworks, users are reminded that education, robust security practices, and cautious interaction with new protocols are essential in an environment where attackers continue to evolve.