Blockchain security incidents surged at the start of 2026, making January one of the most costly months for crypto users and platforms in recent years. CertiK’s aggregated data reports confirmed losses from exploits, phishing, and scams at roughly $398 million. While protocol-level attacks continued, the majority of damage now stems from user-targeted strategies. Experts note that this trend reflects attackers increasingly leveraging social media platforms, messaging apps, and fake customer support channels to deceive victims.
Other attack types contributed smaller amounts. DeFi-related exploits caused $50.4 million in losses, address poisoning cost $12.9 million, and Layer 1 protocol vulnerabilities accounted for $6.2 million. Wallet drainers added another $4.7 million in losses. The range of attacks also included sophisticated scam websites and impersonation tactics, indicating that attackers increasingly target human behavior rather than technical flaws, exploiting trust, urgency, and interface deception.
Recovery of stolen funds remained minimal, with only $4.4 million returned to victims. The difficulty reflects how quickly assets move through mixers, bridges, or cross-chain swaps. Despite this, many audited protocols remained resilient, and ongoing adoption of wallet protections, multi-layered security measures, and real-time monitoring tools helps reduce long-term risk.
