January has been a disruptive month for the crypto industry as a wave of exploits and social engineering campaigns has already taken over hundreds of millions from the ecosystem.
The latest monthly security report from CertiK reveals that the total value of digital assets lost to exploits, hacks, and scams reached $370.3 million in January alone, with a single social engineering incident accounting for $284 million of that total. This is nearly fourfold higher compared to the $98 million reported in January 2025.
Sponsored ad wipes out a six-figure portfolio
The recent victim of the month is a prominent investor known as “Ika,” who shared the experience of losing his entire six-figure crypto portfolio just after interacting with a malicious sponsored search result that came at the top of a Google search for “Uniswap.”
The fake sites are made to be visually indistinguishable from the original one, often using nearly identical domain names and small UI adjustments. Once a user connects their wallet and approves the transaction, they are basically giving scammers permission to drain their assets.
Uniswap founder reacts to years of fake ads
Uniswap founder Hayden Adams took to X to express his frustration, noting that these fake ads have lasted for years despite constant reporting and that scam apps even appeared in official marketplaces while legitimate teams waited months for approval.
This shows a critical reality wherein 2026, protocol security is robust, but human entry points like search engines and ad platforms remain the weakest links in the DeFi ecosystem
While the Uniswap phishing scam dominated social media discussions, it was only one piece of a much larger, more violent trend in January. CertiK’s data reveals that of the $370.3 million total, a single social engineering incident accounted for a staggering $284 million.
Other major breaches this month include a $27.2 million exploit of Step Finance on Solana and a $26.6 million loss by the Truebit platform because of an integer overflow issue.
