Crypto Losses Surge to $370M in January 2026 — Marking the Highest Monthly Hit in Nearly a Year, Reports CertiK
Crypto’s rough start to 2026 just got a price tag: a staggering $370 million vanished in January alone. That’s not just a bad month—it’s the worst single-month loss the space has seen in eleven months, according to fresh data from blockchain security firm CertiK.
The Anatomy of a $370M Drain
Forget slow leaks. January was a month of targeted strikes and systemic failures. Exit scams pulled the classic rug, private key compromises turned digital vaults into empty boxes, and flash loan attacks exploited DeFi’s own mechanics against it. The numbers tell a brutal story: $370 million gone, setting a grim pace for the year.
A Wake-Up Call, Not a Death Knell
Let’s be clear—this isn’t a signal that crypto is failing. It’s a screaming siren that the infrastructure supporting its trillion-dollar ambitions is still being built in real-time. Every major hack is a public audit, exposing the weak points that need reinforcing. The industry’s response to these losses—not the losses themselves—will define its maturity. It’s the ultimate stress test, separating projects built on hype from those built on code that can actually hold value.
The Bottom Line
A $370 million loss hurts, but in the grand scheme of a volatile asset class, it’s a costly lesson, not a catastrophe. It’s a reminder that in crypto, security isn’t a feature—it’s the foundation. The market has weathered worse and emerged stronger, albeit with a few more scars and a much sharper focus on what actually keeps funds safe. After all, what’s a few hundred million between friends in a sector that treats volatility like a morning coffee? The real test is what gets built in February.
Phishing Drives $311M in Crypto Losses as January Theft Surges
Phishing scams were the dominant vector overall, accounting for $311.3 million of the total stolen.
January’s losses represent a nearly fourfold rise from January 2025, when attackers made off with $98 million, and more than triple December’s total of $117.8 million.
The figure is the highest since February 2025, when total monthly losses reached about $1.5 billion following the $1.4 billion hack of crypto exchange Bybit, CertiK said.
While phishing and scams drove most of the damage, on-chain exploits remained a persistent threat.
Blockchain security firm PeckShield reported that the largest hack in January targeted Step Finance, a decentralized finance portfolio tracker on Solana.
#CertiKStatsAlert
Combining all the incidents in January we’ve confirmed ~$370.3M lost to exploits.
~$311.3M of the total is attributed to phishing with one victim losing ~$284M due to a social engineering scam.
More details below
pic.twitter.com/uXhi0P6dl5
Attackers drained roughly $28.9 million after compromising several treasury wallets, siphoning more than 261,000 SOL.
The second-largest exploit involved the Truebit protocol, which lost about $26.4 million on Jan. 8 after a smart contract flaw allowed an attacker to mint tokens at minimal cost, triggering a sharp drop in the price of the TRU token.
PeckShield also flagged a $13.3 million hack on SwapNet and a $7 million exploit affecting the Saga network.
PeckShield counted 16 hacks in total during January, resulting in $86 million in losses. While that figure was slightly lower than a year earlier, it marked a notable increase from December, underscoring the continued volatility of crypto security risks.
Crypto Crime Hits Record $154B in 2025, Chainalysis Says
Crypto-related crime remains a growing concern. According to Chainalysis, illicit cryptocurrency addresses received a record $154 billion in 2025, a sharp increase from the year before.
In another case, US prosecutors have charged a 23-year-old Brooklyn resident, Ronald Spektor, with stealing roughly $16 million in cryptocurrency from around 100 Coinbase users through an alleged phishing and social engineering scheme.
According to the Brooklyn District Attorney’s Office, Spektor posed as a Coinbase employee and contacted victims claiming their funds were at immediate risk, pressuring them to transfer crypto to wallets he controlled.
Authorities said the scheme relied on panic tactics rather than technical hacks. Operating under the online alias “lolimfeelingevil,” Spektor allegedly warned victims of imminent theft to override skepticism and force quick decisions.
