The post Crypto Lost Nearly $400 Million to Theft and Scams in January appeared on BitcoinEthereumNews.com.

The crypto industry’s security challenges reached a critical point in January 2026. A surge in sophisticated phishing attacks and treasury breaches drained roughly $400 million from the ecosystem. Data from blockchain security firm CertiK shows that 40 recorded incidents cost the crypto industry approximately $370.3 million. Single $284 Million Phishing Attack Dominates However, that figure climbs to over $400.3 million when accounting for a $30 million exploit of the Solana-based platform Step Finance on January 31. Sponsored Sponsored CertiK reported that a singular, devastating social engineering scam, rather than complex protocol hacks, defined the month. #CertiKStatsAlert 🚨 Combining all the incidents in January we’ve confirmed ~$370.3M lost to exploits. ~$311.3M of the total is attributed to phishing with one victim losing ~$284M due to a social engineering scam. More details below 👇 pic.twitter.com/uXhi0P6dl5 — CertiK Alert (@CertiKAlert) January 31, 2026 A lone investor lost $284 million on January 16 after a phishing campaign targeting a hardware wallet. The theft represented roughly 71% of the month’s adjusted total losses. The attacker, impersonating Trezor customer support, manipulated the victim into revealing a recovery seed phrase. The heist resulted in the immediate theft of 1,459 Bitcoin and 2.05 million Litecoin. The immediate aftermath of the Trezor-related heist saw a massive rotation of stolen assets into Monero (XMR), a privacy-focused token that obscures transaction history. This high-volume conversion triggered a rally in Monero’s market price. The price action underscores the persistent challenges regulators face in addressing the use of privacy coins to facilitate illicit capital flight and money laundering. On the technical side, smart contract vulnerabilities continue to take a significant bite out of the market. Truebit reported a $26.6 million loss due to an overflow vulnerability, the month’s largest direct attack on a protocol’s code. Other notable victims included Swapnet, which lost $13…

---

Filed under: News - @ February 1, 2026 6:28 pm