Crypto Exploit Losses Hit $370 Million in January, CertiK Reports
Phishing continues to dominate digital‑asset theft while “wrench” attacks – physical assaults aimed at wallets – are on a steep upward trajectory.
January’s headline‑making losses
Security‑analytics firm CertiK released data indicating that crypto users collectively suffered losses totalling roughly $370.3 million in the month of January. The bulk of this figure—about $311 million—was attributed to phishing campaigns, with a single social‑engineering operation accounting for close to $284 million of the total.
According to the firm’s breakdown, incidents that stem from technical vulnerabilities, such as smart‑contract bugs, price‑manipulation schemes, or direct wallet compromises, represented only around 16 % of the overall losses.
Phishing remains the low‑hanging fruit
The dominance of phishing underscores a persistent challenge for the crypto ecosystem: human‑factor risk. Even as blockchain protocols and smart‑contract audits become more sophisticated, attackers continue to exploit the trust and inexperience of end users. The large‑scale scam highlighted by CertiK targeted an individual rather than a protocol, illustrating how a single successful deception can have an outsized impact on the sector’s loss statistics.
Physical “wrench” attacks gain ground
Beyond digital exploits, CertiK’s latest Skynet Wrench Attacks report flags a sharp rise in physically coercive theft attempts. The firm recorded a 75 % increase in such incidents during 2025, with confirmed losses of $40.9 million – a figure the firm believes is likely under‑reported.
Wrench attacks involve the use of force, intimidation, or kidnapping to obtain private keys or direct access to crypto wallets. Kidnapping remains the most frequent method, while other forms of physical assault have surged 250 % year‑over‑year. Geographically, Europe accounts for more than 40 % of reported cases, with France leading in the number of incidents.
What the data means for the crypto community
-
Human‑centric security is still the weakest link. The overwhelming share of losses tied to phishing shows that education, awareness, and robust KYC/AML processes remain critical, especially for retail users and high‑net‑worth individuals.
-
Technical defenses alone are insufficient. While protocol upgrades and audit services have helped reduce the frequency of code‑related breaches, the data suggests that a broader security posture—including personal safety measures—is now required.
-
Physical security is emerging as a real threat vector. The rise in wrench attacks signals that criminals are extending their tactics beyond the digital realm. Crypto founders, fund managers, and anyone holding sizable digital assets may need to consider personal protection protocols, secure storage solutions that limit physical exposure, and contingency plans for coercion scenarios.
- Regional risk profiling is evolving. With Europe, and particularly France, emerging as hotspots for physical attacks, regulators and law‑enforcement agencies in these jurisdictions may need to adapt their frameworks to address the intersection of cyber‑crime and traditional violent crime.
Key takeaways
- $370 M in losses were recorded in January, with ≈85 % stemming from phishing.
- A single social‑engineering scam caused roughly $284 M of the damage.
- Technical exploits (smart‑contract bugs, wallet hacks, etc.) accounted for ≈16 % of the total loss.
- Physical “wrench” attacks rose 75 % in 2025, resulting in $40.9 M of confirmed theft, likely an underestimate.
- Kidnapping remains the predominant method of physical coercion; physical assaults themselves jumped 250 % YoY.
- Europe is the leading region for reported wrench attacks, with France topping the list of incidents.
Conclusion
CertiK’s latest findings paint a two‑pronged threat landscape for the cryptocurrency sector: persistent phishing attacks that exploit human trust, and an increasingly aggressive wave of physical intimidation targeting asset holders. Stakeholders—from individual investors to institutional platforms—must augment their security strategies to address both digital and corporeal vulnerabilities if they hope to curb the rising tide of crypto‑related losses.
Source: https://thedefiant.io/news/research-and-opinion/crypto-exploit-losses-hit-usd370-million-in-january-certik
