Phemex exchange suffers major security breach with $69.1M stolen, representing the bulk of January’s crypto losses amid hot wallet vulnerability.
BNB Chain emerges as the most targeted network with 50% of all recorded attacks, followed by Ethereum accounting for 25% of incidents.
Despite monthly surge, year-over-year crypto theft shows 44.6% decrease from January 2024, indicating potential improvement in security measures.
If you are wondering when the cryptocurrency market might go a month without a major hack, the answer is probably never. As January 2025 draws to a close, the industry has already recorded nearly $80 million in losses due to cyberattacks across different sectors.
According to recent by Immunefi, a blockchain security firm, cybercriminals have stolen approximately $74 million through 19 hacking incidents this year. This marks a ninefold increase compared to the previous month.
Crypto Thefts Decline Year-Over-Year
Although the monthly surge in hacks is concerning, the overall figure marks a 44.6% decline compared to January 2024, when cybercriminals drained more than $133 million from the crypto space.
Most of the stolen funds this month came from two major hacks. On January 23, blockchain security firm Cyvers detected suspicious transactions on Singapore-based crypto exchange Phemex. The attack targeted the company’s hot wallets, leading to a $37 million loss. However, before the exchange could patch the vulnerability, hackers managed to loot over $69.1 million.
The second-largest attack occurred on Moby Trade, a decentralized finance (DeFi) platform specializing in options trading. Hackers exploited vulnerabilities in the protocol, resulting in a $2.5 million loss.
Smaller attacks on Orange Finance, IPC, The Idols NFT, UniLend Finance, Odos, Laura AI, Pika Infinity, and Sorra accounted for the remaining losses this month. However, it is notable that no cases of fraud were reported in January.
While the perpetrators of these attacks remain unidentified, industry experts suspect that the infamous North Korean hacking group, Lazarus, was behind the Phemex exploit.
According to blockchain security researchers, the hackers’ techniques and operational patterns closely resemble those of Lazarus, which has been linked to multiple high-profile crypto heists. The group is known for targeting international organizations and corporate institutions to fund North Korea’s missile and weapons programs.
“Every theft or scam has its own particular onchain behavior that can tell you a lot about what might have happened, how many people are involved and indicate whether the threat actor is more or less experienced,” Taylor Monahan, the principal security researcher for MetaMask, told The Block.
“Every theft or scam has its own particular onchain behavior that can tell you a lot about what might have happened, how many people are involved and indicate whether the threat actor is more or less experienced,” Taylor Monahan, the principal security researcher for MetaMask, The Block.
BNB Chain and Ethereum, Among the Most Targeted Networks
Immunefi’s report highlighted that BNB Chain suffered the highest number of attacks this month, accounting for 50% of all recorded hacks, with 10 separate incidents. Ethereum followed, making up 25% of the total.
Other affected blockchains included Arbitrum and Base, each experiencing two attacks, while Optimism reported a single breach.
With the year still in its early stages, it remains unclear how many more blockchain networks will be exploited. However, 2024 saw a string of attacks across the crypto industry. A December 2024 Chainalysis revealed that cybercriminals stole $2.2 billion in crypto-related hacks last year, marking a 21.07% increase year-over-year.
Between January and July 2024, hackers looted $1.58 billion, approximately 84.4% higher than the amount stolen during the same period in 2023.
