hodler

2 Feb 2026, 10:33

Crypto theft rebounds in January as CertiK highlights phishing surge

Cryptocurrency theft rebounded sharply in January, with total losses from exploits and scams reaching $370.3 million, according to data from blockchain security firm CertiK. The figure marked the highest monthly total in 11 months and signalled a clear reversal from the relatively lower losses recorded toward the end of last year. January’s total was nearly four times higher than the $98 million stolen in January 2025 and more than triple the $117.8 million lost in December. CertiK recorded at least 40 exploit and scam incidents during the month. However, the data showed that overall losses were not evenly distributed, with a small number of incidents accounting for the vast majority of stolen funds. CertiK Alert @CertiKAlert · Follow #CertiKStatsAlert 🚨Combining all the incidents in January we’ve confirmed ~$370.3M lost to exploits.~$311.3M of the total is attributed to phishing with one victim losing ~$284M due to a social engineering scam.More details below 👇 5:30 PM · Jan 31, 2026 40 Reply Copy link Read 3 replies One scam skews monthly totals According to CertiK, most of the value stolen in January came from a single victim who lost around $284 million in a large-scale social engineering scam. Social engineering scams rely on manipulation rather than technical vulnerabilities, persuading victims to approve transactions themselves. These schemes often involve impersonation, urgency, and fear-based messaging to push users into transferring funds. CertiK said this type of attack played an outsized role in January’s surge, highlighting a persistent weakness in user-facing security rather than blockchain infrastructure alone. Phishing dominates loss profile Phishing scams were the dominant vector throughout the month, accounting for $311.3 million of the total crypto stolen in January, CertiK said. These attacks typically involve fraudulent messages or websites designed to trick users into revealing private keys or signing malicious transactions. The scale of phishing-related losses meant that scam activity, rather than protocol-level exploits, was the primary driver behind January’s rebound. While technical attacks continue to pose risks, the data showed that user-targeted scams were responsible for the bulk of financial damage during the period. January’s losses were the largest monthly total since February 2025, when attackers stole around $1.5 billion. That earlier spike was driven largely by the $1.4 billion hack of crypto exchange Bybit. CertiK Alert @CertiKAlert · Follow #CertiKStatsAlert 🚨Combining all the incidents in January we’ve confirmed ~$370.3M lost to exploits.~$311.3M of the total is attributed to phishing with one victim losing ~$284M due to a social engineering scam.More details below 👇 5:30 PM · Jan 31, 2026 40 Reply Copy link Read 3 replies Exploits still hit DeFi projects Although scams accounted for most of the value lost, on-chain exploits continued to affect decentralised finance platforms. Blockchain security firm PeckShield reported that the largest exploit in January targeted Step Finance, a decentralised finance portfolio tracker operating on Solana. Attackers compromised several treasury wallets and stole about $28.9 million, draining more than 261,000 SOL in the process. PeckShield said the attack was the largest exploit recorded during the month. The second-largest exploit affected the Truebit protocol on Jan. 8, when a flaw in a smart contract allowed an attacker to mint tokens at almost no cost. The incident resulted in losses of about $26.4 million and led to a sharp decline in the price of the TRU token. PeckShield also highlighted a $13.3 million hack on liquidity provider SwapNet on Jan. 26 and a $7 million exploit targeting the Saga blockchain protocol on Jan. 21. PeckShield counted 16 hacks in total during January, with combined losses of $86.01 million. While that figure represented a slight decline from a year earlier, it marked a more than 13% increase from December, pointing to renewed pressure on DeFi security. PeckShieldAlert @PeckShieldAlert · Follow #PeckShieldAlert In Jan. 2026, the crypto space saw 16 hacks totaling $86.01M in losses, representing a slight 1.42% YoY decrease compared to Jan. 2025 ($87.25M) but a notable 13.25% MoM surge from Dec. 2025 ($75.95M). Meanwhile, #phishing remains staggering with losses 5:09 PM · Feb 1, 2026 48 Reply Copy link Read 6 replies Crime concerns extend beyond January The rebound in January losses comes amid broader concerns about crypto-related crime. Blockchain analytics firm Chainalysis has reported that illicit cryptocurrency addresses received a record $154 billion in 2025, indicating sustained growth in illegal activity across the sector. Law enforcement cases continue to show how phishing and impersonation schemes operate in practice. In one recent case, US prosecutors charged a 23-year-old Brooklyn resident, Ronald Spektor, with stealing roughly $16 million in cryptocurrency from around 100 Coinbase users. Authorities said the alleged scheme relied on posing as a Coinbase employee and pressuring victims to transfer funds by claiming their accounts were at immediate risk. The post Crypto theft rebounds in January as CertiK highlights phishing surge appeared first on Invezz

2 Feb 2026, 10:06

CrossCurve identifies 10 wallets involved in the $3M bridge exploit

Decentralised finance protocol CrossCurve has identified ten Ethereum wallet addresses involved in the exploit of its bridge infrastructure. Unofficial estimates claim nearly $3 million worth of funds may have been drained. The incident, which occurred on Sunday, involved a vulnerability in one of CrossCurve’s smart contracts that forms part of its cross-chain bridge infrastructure, which is designed to enable token transfers between different chains. The breach has impacted several networks, and CrossCurve has urged users to avoid interacting with the protocol until the issue has been patched. CrossCurve @crosscurvefi · Follow ⚠️ URGENT Security NoticeDear users,Our bridge is currently under attack, involving the exploitation of a vulnerability in one of the smart contracts used.Please pause all interactions with CrossCurve while the investigation is ongoing.We appreciate your patience and 2:15 AM · Feb 2, 2026 248 Reply Copy link Read 16 replies Notably, an attacker leveraged a smart contract vulnerability to bypass message validation and trigger unauthorised fund releases. A formal post-mortem of the incident has also not yet been published. Defimon Alerts, a blockchain security tracker operated by Decurity, speculated that the vulnerability may have stemmed from improper validation logic in CrossCurve’s ReceiverAxelar contract. Their analysis suggests that the contract’s expressExecute function could be triggered with “spoofed” cross-chain messages, bypassing the gateway authentication process that typically ensures message legitimacy. As a result of this vulnerability, the attackers were able to simulate valid cross-chain communication and unlock tokens from the protocol’s PortalV2 contract without proper verification and withdraw funds from the bridge contract across multiple networks without depositing corresponding assets on the source chain. Initial estimates from blockchain security firms place the total loss at around $3 million. Cybersecurity firm BlockSec pegged total losses at approximately $2.76 million, with roughly $1.3 million taken from Ethereum and $1.28 million from Arbitrum. Smaller amounts were drained across a range of other chains, including Optimism, Base, Mantle, Kava, Frax, Celo, and Blast. At the time of writing, CrossCurve has not confirmed these external estimates or disclosed its own calculation of the affected funds. CrossCurve offers 10% bounty In a public statement , CrossCurve CEO Boris Povar said the team had traced the movement of stolen assets to ten specific Ethereum addresses. He noted that the tokens were taken due to a smart contract flaw and appealed to the recipients to return the funds, stating that there was “no indication of malicious intent.” “If the funds are not returned or no contact is established within 72 hours, we will have to assume malicious intent and treat this as a judicial matter,” Povar said. The project will offer a 10% bounty if funds are returned within the given deadline, Povar added. CrossCurve has previously marketed its multi-layered consensus bridge architecture as a safeguard against typical single points of failure in cross-chain systems. Its validation stack includes integrations with networks such as Axelar and LayerZero alongside its proprietary EYWA Oracle Network. In past documentation, the CrossCurve team has claimed that “the probability of several crosschain protocols getting hacked at the same time is near zero.” The latest breach has also drawn comparisons to the 2022 Nomad Bridge exploit, which exposed similar vulnerabilities in validation logic. At the time, a coding oversight in smart contract upgrades allowed users to copy and paste transactions to drain nearly $190 million in a free-for-all heist involving over 300 unique addresses. The post CrossCurve identifies 10 wallets involved in the $3M bridge exploit appeared first on Invezz

2 Feb 2026, 07:23

Crypto Losses Hit $370M in January 2026, Highest in 11 Months: CertiK

The value of cryptocurrency stolen through exploits and scams surged to $370.3 million in January 2026, marking the highest monthly total in 11 months and a sharp increase from the same period a year earlier, according to data from blockchain security firm CertiK . Key Takeaways: Crypto losses surged to $370.3 million in January, the highest level in 11 months. Phishing and social engineering drove most losses, led by a single $284 million scam. Exploits continued, with major hacks at Step Finance and Truebit. CertiK said that while at least 40 exploit and scam incidents were recorded during the month, the bulk of the losses stemmed from a single case. One victim reportedly lost around $284 million in a large-scale social engineering attack, highlighting how individual incidents can heavily skew monthly figures. Phishing Drives $311M in Crypto Losses as January Theft Surges Phishing scams were the dominant vector overall, accounting for $311.3 million of the total stolen. January’s losses represent a nearly fourfold rise from January 2025, when attackers made off with $98 million, and more than triple December’s total of $117.8 million. The figure is the highest since February 2025, when total monthly losses reached about $1.5 billion following the $1.4 billion hack of crypto exchange Bybit, CertiK said. While phishing and scams drove most of the damage, on-chain exploits remained a persistent threat. Blockchain security firm PeckShield reported that the largest hack in January targeted Step Finance , a decentralized finance portfolio tracker on Solana. #CertiKStatsAlert Combining all the incidents in January we’ve confirmed ~$370.3M lost to exploits. ~$311.3M of the total is attributed to phishing with one victim losing ~$284M due to a social engineering scam. More details below pic.twitter.com/uXhi0P6dl5 — CertiK Alert (@CertiKAlert) January 31, 2026 Attackers drained roughly $28.9 million after compromising several treasury wallets, siphoning more than 261,000 SOL. The second-largest exploit involved the Truebit protocol , which lost about $26.4 million on Jan. 8 after a smart contract flaw allowed an attacker to mint tokens at minimal cost, triggering a sharp drop in the price of the TRU token. PeckShield also flagged a $13.3 million hack on SwapNet and a $7 million exploit affecting the Saga network. PeckShield counted 16 hacks in total during January, resulting in $86 million in losses. While that figure was slightly lower than a year earlier, it marked a notable increase from December, underscoring the continued volatility of crypto security risks. Crypto Crime Hits Record $154B in 2025, Chainalysis Says Crypto-related crime remains a growing concern. According to Chainalysis, illicit cryptocurrency addresses received a record $154 billion in 2025 , a sharp increase from the year before. In another case, US prosecutors have charged a 23-year-old Brooklyn resident , Ronald Spektor, with stealing roughly $16 million in cryptocurrency from around 100 Coinbase users through an alleged phishing and social engineering scheme. According to the Brooklyn District Attorney’s Office, Spektor posed as a Coinbase employee and contacted victims claiming their funds were at immediate risk, pressuring them to transfer crypto to wallets he controlled. Authorities said the scheme relied on panic tactics rather than technical hacks. Operating under the online alias “lolimfeelingevil,” Spektor allegedly warned victims of imminent theft to override skepticism and force quick decisions. The post Crypto Losses Hit $370M in January 2026, Highest in 11 Months: CertiK appeared first on Cryptonews .

2 Feb 2026, 05:44

CrossCurve Threatens Legal Action After $3M Cross-Chain Bridge Exploit

The protocol warned it may pursue criminal and civil action after identifying addresses tied to a hack of its token transfer system.

2 Feb 2026, 05:20

DeFi Protocol CrossCurve Smart Contract Exploited, Suffers $3M Loss Across Multiple Chains

Cross-chain bridge CrossCurve announced Monday that it has suffered a major attack, losing $3 million across multiple networks. The DeFi protocol noted that a vulnerability in its smart contracts had been exploited, raising security concerns about cross-chain infrastructure. “Our bridge is currently under attack,” it wrote on X, warning users to suspend all interactions with CrossCurve. URGENT Security Notice Dear users, Our bridge is currently under attack, involving the exploitation of a vulnerability in one of the smart contracts used. Please pause all interactions with CrossCurve while the investigation is ongoing. We appreciate your patience and… pic.twitter.com/yfo1KvWoDd — CrossCurve (@crosscurvefi) February 1, 2026 Smart Contract Flaw: Attackers Used Spoof Messages Per CrossCurve post, some user addresses received token funds due to the smart contract vulnerability that were “wrongfully taken” from other users. “We do not believe this was intentional on your part, and there is no indication of malicious intent. We hope for your cooperation in returning the funds,” the platform wrote, identifying a total of 10 addresses. According to blockchain security account Defimon Alerts, a vulnerable CrossCurve’s smart contracts ReceiverAxelar, allowed anyone to spoof cross-chain message, bypassing the gateway validation. This has triggered unauthorized token unlocks on PortalV2 contract. CrossCurve @crosscurvefi (ex https://t.co/4HJ33uOZUS ) has been exploited for around 3 million on several networks. Anyone could call expressExecute on ReceiverAxelar contract with a spoofed cross-chain message, bypassing gateway validation and triggering unlock on PortalV2.… pic.twitter.com/EfYe3Tfo9v — Defimon Alerts (@DefimonAlerts) February 1, 2026 Besides, Curve Finance wrote that users who have allocated votes to the platform-related pools “may wish to review their positions and consider removing those votes.” The protocol is backed by Curve Finance founder Michael Egorov and raised $7 million from VCs in 2023. CrossCurve Offers 10% White Hat Bounty, Sets 72-Hour Limit Per the Safe Harbor Responsible Disclosure Policy, which details the steps to implement responsible reporting of security vulnerabilities, if a white-hat hacker assists in fund recovery, a 10% bounty will be provided. “This makes you eligible to keep up to 10% if the remainder is returned,” the project team noted. Besides, CrossCurve has set a 72-hour limit for hackers to return the funds. If no effective communication is established, the project team will take immediate escalation. This includes formal criminal and civil proceedings, collaborating with exchanges such as Coinbase and Binance, stablecoin issuers, law enforcements and on-chain analytics firms, including Chainalysis, TRM Labs and Elliptic. CrossCurve hack is similar to Nomad’s $190 million bridge exploit in 2022, which saw an estimated 8000 Solana wallets compromised. “In terms of prevention, an industry set of standard smart contract templates that are known to be secure, smart contract auditing and secure software development lifecycles would be steps in the right direction,” Andrew Morfill, Chief Information Security Officer at Komainu, told Cryptonews. “As the market matures, securely developed and updated protocols with real utility will provide the credibility and security assurance investors are looking for.” The post DeFi Protocol CrossCurve Smart Contract Exploited, Suffers $3M Loss Across Multiple Chains appeared first on Cryptonews .

2 Feb 2026, 03:34

Solana Price Prediction: $30M Hack Sends SOL Below $100 – Can Bulls Recover?

Solana (SOL) is trading around $97 after a sharp sell-off that pushed the token below the key $100 mark. The recent decline comes after a tough stretch for the crypto market overall, but Solana has dropped more than most due to new security concerns affecting investor confidence. SOL has dropped from the $140–$145 range in just a few weeks, wiping out much of its recovery from late 2025. For newer investors, this kind of decline usually comes from fear, forced selling, and uncertainty, not a sudden failure in the technology itself. Step Finance Hack Exposes $30M SOL Vulnerability, Raises Security Concerns in Solana DeFi A major reason for the recent drop was a security breach at Step Finance, where about $30 million in SOL was taken from treasury wallets. Around 261,854 SOL was moved quickly, leading to worries that someone with internal access, not just an automated hack, was involved. Step Finance has said that user funds were safe, but the incident still shook the Solana DeFi community. Big treasury wallets are increasingly becoming targets, and this event shows why stronger protections, such as multi-signature approvals and stricter access controls, are needed. For the market, the news itself was more important than the details. When stress is high, security scares often speed up selling as traders rush to cut their risk. Jupiter’s New Explorer Offers a Long-Term Positive There are also some positive updates. Jupiter has launched explore.ag, a new tool for the Solana ecosystem that brings together data from Solscan and DeFiLlama in one place. This tool helps users track projects, transactions, and DeFi stats more easily, making the network more transparent. For newcomers, this might not change prices right away, but it shows that Solana’s ecosystem is still growing. Improved data and analytics often bring in developers and long-term investors, even when the market is down. Solana Technical Analysis: Can SOL Reclaim $100? Looking at the charts, Solana price prediction is clearly in a short-term downtrend. The price is still moving within a downward channel that started in late 2025. When the price fell below the 100-day and 200-day EMAs near $140, it quickly dropped through $119 and $111, which points to forced selling instead of regular profit-taking. Solana Price Chart – Source: Tradingview Key levels to watch now: Resistance: $105–$111, where previous support has turned into a selling zone Support: $90–$81, aligned with prior demand and Fibonacci extensions Deeper risk: A move toward $70 if broader market weakness intensifies The RSI is now in the mid-20s, which means the market is oversold. This can sometimes cause a short-term bounce, but it does not promise a quick turnaround. For a more positive outlook, SOL needs to hold above $100, set a higher low, and close above $111 on the daily chart. This could lead to a recovery toward $120–$130 later on. For now, Solana seems to be in a tough but common reset phase, which often comes before stronger and more lasting gains once the selling slows down. Bitcoin Hyper: The Next Evolution of BTC on Solana? Bitcoin Hyper ($HYPER) is bringing a new phase to the BTC ecosystem. While BTC remains the gold standard for security, Bitcoin Hyper adds what it always lacked: Solana-level speed. The result: lightning-fast, low-cost smart contracts, decentralized apps, and even meme coin creation, all secured by Bitcoin. Audited by Consult , the project emphasizes trust and scalability as adoption builds. And momentum is already strong. The presale has surpassed $31.4 million, with tokens priced at just $0.013665 before the next increase. As Bitcoin activity climbs and demand for efficient BTC-based apps rises, Bitcoin Hyper stands out as the bridge uniting two of crypto’s biggest ecosystems. If Bitcoin built the foundation, Bitcoin Hyper could make it fast, flexible, and fun again. Click Here to Participate in the Presale The post Solana Price Prediction: $30M Hack Sends SOL Below $100 – Can Bulls Recover? appeared first on Cryptonews .