Step Finance lost $40 million in digital assets after hackers compromised devices belonging to its executives. The breach was detected on January 31, prompting the company to engage cybersecurity experts for recovery efforts. Initially, blockchain analytics firm CertiK reported the stolen amount as around $28.9 million, but Step Finance later clarified that the losses were significantly higher. The company confirmed that several of its treasury wallets were exploited using a known attack vector. In response, it has halted some operations to reinforce security. While about $4.7 million has been recovered, users have been warned against engaging with the $STEP token until the investigation concludes. There’s been speculation about a potential insider job or “rug pull,” but Step Finance has not addressed these claims. The impact of this theft is notable but not unprecedented in the crypto space. In January alone, total losses from crypto theft reached $398 million, with only about $4.3 million recovered. The scale of these attacks continues to grow, with 147 confirmed hacks in 2025 totaling nearly $2.87 billion, and 2022 remains the worst year with losses of $3.71 billion.