Outside Source
Crypto hacks dropped 44% year-over-year in January, but CeFi remains the prime target, accounting for 93% of total losses, Immunefi said.
News
Cryptocurrency hackers continue stealing user funds, but cybertheft in January was less than stolen in the year-earlier period, flashing a positive sign for the crypto industry.
Crypto hackers stole over $73 million worth of digital assets across 19 individual incidents in January, marking a 44% decrease from $133 million in January 2024.
Still, January’s $73 million was a ninefold month-over-month increase from December, when hackers only stole $3.8 million worth of cryptocurrency, according to a Jan. 30 Immunefi report shared with Cointelegraph.
Top 10 losses in January. Source: Immunefi
The attack on Singapore-based crypto exchange Phemex was the biggest hit, accounting for over $69 million worth of stolen value, while the $2.5 million hack on Moby Trade options platform was second.
Crypto losses, January 2025, breakdown. Source: Immunefi
Crypto hacks continue to plague mainstream trust in crypto, costing the industry $2.3 billion across 165 incidents in 2024, a 40% increase over 2023, when hackers stole $1.69 billion worth of crypto.
Related: Top 100 DeFi Hacks: Offchain attack vectors account for 57% of losses
CeFi remains the main target for hackers in 2025: Immunefi CEO
Centralized finance (CeFi) platforms accounted for over $69 million, or 93% of the total value lost in January 2025, while decentralized finance (DeFi) accounted for 6.5% with $4.8 million lost across 18 incidents.
DeFi vs CeFi losses. Source: Immunefi
CeFi platforms will remain the main targets for crypto hackers in 2025, warned Mitchell Amador, founder and CEO of Immunefi.
Amador told Cointelegraph:
“The largest volume of losses will likely come from CeFi, as hackers are targeting infrastructure, particularly through private key compromises. CeFi doesn’t generally suffer the highest number of successful attacks, but when a breach occurs, it typically leads to catastrophic losses.”
“A stolen private key allows a hacker to withdraw an enormous amount of funds,” in contrast to DeFi exploits, which are more frequent but only result in “partial losses rather than a total compromise of funds,” added Amador.
Related: Quantum computing will fortify Bitcoin signatures: Adam Back
CeFi remains vulnerable to human error and phishing attacks
CeFi infrastructure also remains vulnerable to human error-induced threats like phishing attacks, which makes a multi-layered security approach necessary, said Amador, adding:
“CeFi platforms must adopt a multi-layered security approach that includes enhancing key management, including reducing reliance on single private keys. Improving OpSec best practices is also crucial, including regular security training for employees…”
Creating bug bounty programs and implementing real-time threat detection tools may also increase the security of these protocols, according to Immunefi’s founder.
Immunefi is currently offering over $181 million worth of bug bounties for ethical hackers, also known as white hat hackers. The platform is safeguarding over $190 billion worth of crypto user funds.
The Most Dangerous Crypto Scam: Victims Speak Out. Source: YouTube
Magazine: They solved crypto’s janky UX problem — you just haven’t noticed yet
This article first appeared at Cointelegraph.com News
