Crypto theft totaled $73 million in January 2025, a 44% drop compared to $133 million in January 2024, according to Immunefi.
However, losses skyrocketed from December’s $3.8 million, marking a ninefold monthly increase.
The biggest breach targeted Singapore-based exchange Phemex, resulting in $69 million in losses, while Moby Trade suffered a $2.5 million attack. CeFi platforms accounted for 93% of all stolen funds, while DeFi hacks amounted to just $4.8 million across 18 incidents.
Immunefi CEO Mitchell Amador warned that CeFi remains the top target for hackers, mainly due to private key compromises, which often lead to massive fund withdrawals. DeFi, on the other hand, faces more frequent but less severe losses due to its smart contract vulnerabilities.
CeFi platforms are also exposed to phishing attacks and human error, highlighting the need for stronger security practices. Amador stressed the importance of enhanced key management, reducing reliance on single private keys, and staff training to prevent breaches.
Immunefi is actively supporting security enhancements, offering $181 million in bug bounties to ethical hackers to help protect over $190 billion in crypto assets.
A Massachusetts man has been handed a six-year prison sentence after federal authorities exposed his unlicensed crypto operation, which laundered over $1 million under the guise of a vending machine business.
The decentralized exchange Cetus, built on the Sui blockchain, has been hit with one of the largest DeFi exploits of the year, losing over $220 million in crypto assets.
An effort by Bitcoin SV investors to seek billions in compensation from major crypto exchanges has largely fallen flat in the UK Court of Appeal.
A previously undisclosed security breach has exposed sensitive user data of nearly 70,000 Coinbase customers, following what appears to be an internal compromise involving bribed support staff.