COMING SOON: A New Way to Earn Passive Income with DeFi in 2025 LEARN MORE

Web3 security breaches dent the industry over $98M in January 2025

In this post:

  • SlowMist monthly security report estimated losses of up to $98M in January due to Web3 security incidents.
  • According to the SlowMist Hacked Database, only $1.4M was recovered in 40 hacking incidents, resulting in losses of about $87.94M.
  • Scam Sniffer reported that over 9.2K phishing attack victims lost a total of $10.25M, of which over 80% ($8.67M) affected Ethereum users.

SlowMist, a blockchain security firm, revealed that Web3 security breaches amounting to about $98.14M in January. The SlowMist Hacked Database revealed that 40 hacking attacks resulted in losses of $87.94M. Only $1.47M was recovered.

According to the SlowMist monthly security report, the main reasons for these incidents include private key leaks, contract vulnerabilities, and other account compromises. Scam Sniffer, a Web3 anti-scam platform, estimated that 9.22K crypto traders were victims of phishing attacks resulting in losses of nearly $10.25M in January. The Ethereum blockchain accounted for over 84% of the victims.

SlowMist reports nearly $100M in losses from Web3 security breaches 

In January 2025, SlowMist estimated that over $98 million was lost due to Web3 security breaches. The SlowMist Hacked Database recorded 40 incidents, of which $87.94 million was lost, and only $1.47 million was recovered.

According to the database, Litecoin and Babylon blockchains had their X accounts compromised on the 12th and 4th of January, respectively. Phemex and NoOnes exchanges also got hacked on the 23rd and 1st of January, resulting in combined losses of $77.2 million.

On January 23rd, the Singapore-based crypto exchange Phemex was the victim of a hot wallet attack that resulted in a loss of $70 million. MistTack’s label data and monitoring system analysis revealed that Phemex’s hot wallet had large ‘abnormal transfers’ on multiple blockchains, including Bitcoin, TRON, Ethereum (mainnet and L2), Litecoin, and XRP. 

See also  Bitcoin ETFs end 69% of February days in outflows territory

On January 1st, the P2P trading platform NoOnes also fell victim to hot wallet attacks on BSC, Ethereum, Solana, and Tron. Hundreds of suspicious outbound transactions led to losses of about $7.2 million. Ray Youssef, NoOne’s CEO, explained that an exploit on its Solana bridge caused the incident.

“We know Solana is hot now but Solana will not come back up until exhaustive pen testing is done.. Apologize for the inconvenience.”

Ray Youssef 

On January 24th, Youssef agreed that keeping nearly $8 million worth of crypto assets in a hot wallet was ‘not smart’. Additionally, he stressed that one day’s liquidity was enough, and the rest could be stored in cold wallets. Youssef also mentioned that NoOne should have been doing this from the beginning.

He, however, pointed out that NoOne was quickly adapting based on its experiences. Youssef also said he always covered any losses. He gave examples of Celcius and the case of compliance-locked funds at his previous company. 

Other companies that lost significant funds due to security incidents this January include AdsPower, Moby, and Orange Finance.

Scam Sniffer identifies Ethereum as the most vulnerable blockchain

Scam Sniffer identified the Ethereum blockchain as the most exploited ecosystem with regard to security breach losses. The Ethereum blockchain accounted for over $8.6 million of the $10.25 million lost in scams. 

See also  Crypto market sees $330 billion added in 4 hours after Trump's announcement

According to Scam Sniffer, Ethereum lost at least $1.3M on January 3rd and January 8th. The data also showed that more funds were lost on BNB ($710K), Arbitrum ($510K), Polygon ($191K), and Optimism ($81K). Avalanche and Blast jointly lost more than $26K. 

Scam Sniffer’s data confirmed that there were 9,220 victims, with Ethereum users accounting for 13 of the 15 top victims. The top four victims with the highest losses on Ethereum jointly lost over $2 million. One victim on BNB lost ~ $317K, and two more victims on Arbitrum lost over $380K. As per their data, the lowest amount lost by any of the top 15 victims as a result of security breaches was $70K. 

This January, X accounts belonging to the Times magazine, the Tor Project, actor Dean Norris, and former Brazilian president Jair Messias Bolsonaro were hacked. Nasdaq, the co-founder and CTO at LayerZero Labs Ryan Zarick, and Foresight Ventures also had their Twitter/X accounts hacked and used to promote scam tokens.

Cryptopolitan Academy: Want to grow your money in 2025? Learn how to do it with DeFi in our upcoming webclass. Save Your Spot

Share link:

Disclaimer. The information provided is not trading advice. Cryptopolitan.com holds no liability for any investments made based on the information provided on this page. We strongly recommend independent research and/or consultation with a qualified professional before making any investment decisions.

Most read

Loading Most Read articles...

Stay on top of crypto news, get daily updates in your inbox

Editor's choice

Loading Editor's Choice articles...
Subscribe to CryptoPolitan