Crypto hacks dropped by 44% year-over-year in January. Centralized finance, or CeFi, remains the main target, accounting for 93% of total losses, according to Immunefi.

In January, hackers stole over $73 million in digital assets across 19 incidents. That’s a significant drop from the $133 million taken in January 2024. However, it’s important to note that this amount is a ninefold increase from December, when only $3.8 million was stolen, as reported by Immunefi on January 30.

The biggest incident involved a cyberattack on the Singapore-based exchange Phemex, which lost more than $69 million. The second-largest breach was a $2.5 million hack of the Moby Trade options platform.

Even with this decrease, crypto hacks still hurt public trust in the industry. In 2024, losses totaled $2.3 billion across 165 incidents. That’s a 40% increase compared to 2023, when hackers stole $1.69 billion.

In January 2025, centralized finance platforms accounted for over $69 million, or 93% of total losses. In contrast, decentralized finance (DeFi) platforms only accounted for 6.5%, losing $4.8 million across 18 incidents. Experts warn that CeFi will continue to be the main target for hackers this year, as noted by Mitchell Amador, the founder and CEO of Immunefi.

Amador explained that most losses will likely come from CeFi. Hackers often target infrastructure, especially through private key compromises. While CeFi may not experience the highest number of successful attacks, when a breach happens, it usually leads to catastrophic losses.

A stolen private key allows hackers to withdraw large amounts of funds. This is different from DeFi exploits, which happen more often but typically result in partial losses rather than a total compromise of funds.

CeFi platforms also face risks from human errors, like phishing attacks. This highlights the need for a multi-layered security approach. Amador emphasized the importance of improving key management and reducing reliance on single private keys. Regular security training for employees is also crucial.

To enhance security, Immunefi suggests creating bug bounty programs and implementing real-time threat detection tools. The platform currently offers over $181 million in bug bounties for ethical hackers, also known as white hat hackers. They are protecting over $190 billion in user funds.