January 2025 witnessed a notable decline in cryptocurrency-related cybercrime, as hackers stole $73 million across 19 separate incidents, marking a 44% decrease compared to the same month in 2024 when $133 million was lost. However, this positive trend is overshadowed by a significant surge from December 2024, when cybercriminals took only $3.8 million.

The largest attack of the month targeted Phemex, a crypto exchange based in Singapore, which was hacked for a staggering $69 million, accounting for nearly all the stolen funds. The second most significant breach involved Moby Trade, a crypto options platform, which lost $2.5 million.

Despite the drop in total thefts compared to the previous year, the data, compiled by Immunefi in a report released on January 30, 2025, highlights the persistent vulnerability of cryptocurrency platforms to cyberattacks. Centralized finance (CeFi) platforms, which remain the primary targets for hackers, were responsible for 93% of the stolen funds in January, amounting to $69 million. In contrast, decentralized finance (DeFi) platforms, despite suffering 18 attacks, only accounted for 6.5% of the stolen funds, totaling $4.8 million.

Mitchell Amador, CEO of Immunefi, pointed out that CeFi platforms will continue to attract hackers throughout 2025 due to inherent weaknesses in key management and infrastructure security. He stressed that the most significant risks arise from compromised private keys, which can enable hackers to drain large amounts of funds in a single attack. Unlike DeFi exploits, which often lead to partial losses through smart contract vulnerabilities, CeFi breaches can cause catastrophic system-wide failures.

To mitigate these threats, Amador urged CeFi platforms to adopt a multi-layered security approach. He emphasized the need for stronger key management systems, reduced dependence on single private keys, and improved operational security practices. Additionally, he recommended that platforms invest in regular employee security training, implement bug bounty programs, and adopt real-time threat detection tools.

Bug bounty programs, in particular, play a crucial role in strengthening cryptocurrency security. These initiatives reward ethical hackers for identifying and reporting vulnerabilities before malicious actors can exploit them. Currently, Immunefi offers over $181 million in bounties, safeguarding more than $190 billion in crypto assets. While January's decline in cybercrime is encouraging, experts believe ongoing security advancements will be vital in reducing future threats to the crypto industry.