Crypto Cyberattacks Surge 214% with $370 Million Stolen in January 2026
Rabat – Cyberattacks and fraud targeting cryptocurrency platforms and users surged in early 2026, heightening risks for investors and service providers, according to cybersecurity firms, government agencies, and company disclosures.
Blockchain security firm PeckShield reported that 16 cryptocurrency hacks were recorded globally in January 2026, resulting in $86.01 million in losses. The figure represented a slight decrease compared with January 2025, but a month-over-month increase of more than 13% from December 2025, according to data published by the firm on X.
PeckShield said the largest incidents included breaches at SwapNet, the Mithril trading bot, and the Makinafi protocol, with losses primarily involving ETH and USDC.
Separately, Web3 security firm CertiK said the total value of crypto-assets stolen through hacks and fraudulent schemes in January exceeded $370 million, the highest monthly total in the past 11 months.
CertiK recorded around 40 exploit- and fraud-related incidents during the month, estimating that phishing accounted for $311.3 million of the losses. One phishing case alone resulted in the theft of about $284 million from a single user, the firm said.
The firm said January’s losses were more than four times higher than those recorded at the start of 2025, when stolen assets were estimated at $98 million.
The January total also marked a 214% increase from December 2025. The last higher monthly total was recorded in February of the previous year, following a major exchange hack, according to the firm.
The rise in hacking activity has coincided with data breaches affecting crypto-related service providers. In France, Waltio disclosed in January that it had been alerted to unauthorized access to certain user data linked to the generation of 2024 crypto tax reports. According to the Le Parisien newspaper, hackers from Shiny Hunters group stole data from 50,000 Waltio users’ accounts.
The company said the exposed data included users’ email addresses and aggregated tax information, such as gains, losses, and account balances as of Dec. 31, 2024, but did not include passwords, wallet addresses, exchange API keys, transaction histories, or banking details.
Waltio said it filed a criminal complaint with the Parquet de Paris for attempted extortion and unauthorized access to an automated data processing system. French authorities said a preliminary investigation is underway, led by the cybercrime unit of the Paris prosecutor’s office and assigned to the National Cyber Unit of the French Gendarmerie, UNCyber.
In a public advisory, Cybermalveillance.gouv.fr said several crypto-asset operators in France had recently experienced personal data breaches.
The agency reported an increase in complaints from crypto holders contacted by individuals posing as platform employees, bank anti-fraud staff, or law enforcement officials, often seeking to obtain recovery keys or induce transfers to fraudulent wallets.
The government platform also warned that some cases involved physical threats or violence. Industry data cited by CertiK showed that so-called “wrench attacks,” which involve physical coercion to force crypto transfers, rose 75% year over year in 2025, with 72 verified incidents globally and $40.9 million in assets stolen.
Security firms said the January figures highlight persistent vulnerabilities in smart contracts, trading systems, and user-facing security practices. PeckShield and CertiK both reported that many incidents involved the exploitation of known weaknesses or social engineering rather than failures of blockchain protocols themselves.
According to CertiK, hackers stole more than $3 billion in cryptocurrencies during the first half of 2025, and in nearly 70% of cases, stolen funds began moving before information about the breach became public.
Authorities and cybersecurity firms have urged crypto users and platforms to strengthen security controls and remain cautious of unsolicited contacts as investigations into recent incidents continue.