Crypto theft totaled $73 million in January 2025, a 44% drop compared to $133 million in January 2024, according to Immunefi.
However, losses skyrocketed from December’s $3.8 million, marking a ninefold monthly increase.
The biggest breach targeted Singapore-based exchange Phemex, resulting in $69 million in losses, while Moby Trade suffered a $2.5 million attack. CeFi platforms accounted for 93% of all stolen funds, while DeFi hacks amounted to just $4.8 million across 18 incidents.
Immunefi CEO Mitchell Amador warned that CeFi remains the top target for hackers, mainly due to private key compromises, which often lead to massive fund withdrawals. DeFi, on the other hand, faces more frequent but less severe losses due to its smart contract vulnerabilities.
CeFi platforms are also exposed to phishing attacks and human error, highlighting the need for stronger security practices. Amador stressed the importance of enhanced key management, reducing reliance on single private keys, and staff training to prevent breaches.
Immunefi is actively supporting security enhancements, offering $181 million in bug bounties to ethical hackers to help protect over $190 billion in crypto assets.
WOO X, a popular cryptocurrency trading platform, has been hit by a serious security breach.
The first half of 2025 has already become the most damaging period in Web3 security history, according to Hacken’s newly released Half-Year Security Report.
The U.S. Department of Justice has officially ended its investigation into Kraken co-founder Jesse Powell, according to a Fortune report.
Indian crypto exchange CoinDCX has confirmed a $44 million security breach involving one of its internal liquidity accounts.