CertiK: over $370M don loss for January as phishing and 'wrench attacks' dey rise

Published: 2026-02-06 10:17:02 |

Security firm CertiK report say dem loss more than $370 million for crypto because of exploits, hacks and scams for January 2026, later dem update am to over $398 million across 42 incidents. Phishing and social‑engineering attacks make up roughly $311 million of the total, and about $284 million na come from one big phishing/social‑engineering scam. January 2026 losses nearly four times January 2025 level and sharply up from December 2025. Major incidents include theft of ~261,854 SOL (about $27–28M) from Step Finance treasury wallets and a Truebit exploit wey abuse integer‑overflow vulnerability to mint tokens, cause about $26–26.6M damage and sharp drop in TRU. CertiK’s Skynet report also flag 75% year‑on‑year rise in “wrench attacks” (physical coercion like kidnapping, assaults and home invasions) in 2025, with 72 verified incidents and confirmed losses above $40.9M; Europe account for about 40% of those incidents, France suffer most. CertiK warn say real toll likely higher because of under‑reporting and silent settlements and note scammers dey use AI more. For traders: expect higher short‑term volatility for affected tokens (especially SOL and TRU), bigger market sensitivity to security disclosures, and more scrutiny on custody and on‑chain risk. Primary keywords: crypto scams, phishing, social engineering, wrench attacks, DeFi exploits, Step Finance, Truebit, CertiK.

Bearish

Di wetin dem report — big phishing/social‑engineering losses and high‑value exploits — dey increase downside pressure directly for di affected tokens, especially SOL (Step Finance theft) and TRU (Truebit exploit). Immediate effects: victims go sell more, risk premia go widen on tokens wey connect to compromised projects, and short-term liquidity squeezes fit make price swings bigger. Market people normally respond to security breaches by quick de‑risking: exchanges fit delist or pause deposits/withdrawals for exposed tokens, and market makers go widen spreads, reduce depth and raise volatility. Medium term: if projects fix things fast, restore reserves or give clear recovery plans, prices fit stabilise; if uncertainty continue, thefts still dey happen, or governance/contract failures show, demand go remain low and valuations stay depressed. The extra factor of rising physical “wrench attacks” and AI‑enhanced scams dey raise systemic risk perception across DeFi, likely to push up the market’s security premium and reduce investor appetite for higher‑risk or poorly audited tokens. For traders, di most likely outcome na continued downside pressure on the directly affected assets, with higher short‑term volatility and a longer‑term discount for tokens wey show security weaknesses.