Pavlo Kot

Crypto hack losses drop 47% to $1.3 billion in H1 2026

Crypto hack losses drop 47% to $1.3 billion in H1 2026
Crypto hack losses

​Total losses from attacks on crypto projects reached $1.32 billion in the first half of 2026, down 46.8% from a year earlier. However, CertiK analysts warned that the decline creates a misleading impression of improving security, as attackers are increasingly relying on more sophisticated and destructive techniques.

According to the report, phishing attacks accounted for the largest losses in the first quarter, totaling $508.2 million. In the second quarter, wallet compromises became the primary attack vector, resulting in losses of $807.5 million.

More than 70% of total losses during the period came from the KelpDAO and Drift Protocol exploits, which are believed to have been carried out by North Korean-linked hacking groups.

According to TRM Labs, North Korean hackers have stolen more than $6 billion in crypto assets since 2017.

Number of attacks continues to rise

CertiK said the decline in total losses was largely due to the absence of a breach comparable to the Bybit hack, in which attackers stole about $1.4 billion in a single incident.

At the same time, the overall pace of attacks continues to accelerate, the researchers said.

TRM Labs reached a similar conclusion. According to its data, the number of recorded incidents in the first half of the year increased from 83 to 207, marking the highest six-month total in the firm's history. About 60% of all attacks involved the exploitation of smart contract vulnerabilities.

Experts call for stronger private key protection

According to CertiK, private keys and multisignature wallet management systems remain the most vulnerable parts of the Web3 infrastructure.

The company urged crypto projects and institutional investors to place greater emphasis on hardware-based key protection. It also recommended adopting multisignature setups and distributing key holders across multiple geographic locations to reduce operational risk.

Researchers further advised users to keep seed phrases offline and never share them with third parties.

According to PeckShield, hackers stole about $75.9 million across 40 major attacks in June, down 7.1% from the previous month. The largest incident targeted Humanity Protocol. Losses were initially estimated at $31 million, but the project's subsequent investigation raised the figure to approximately $36 million.

Earlier, Coinspect researchers warned about the Ill Bloom vulnerability, which could affect thousands of crypto wallets across the Bitcoin, Ethereum, Polygon, Rootstock, Tron, and Solana networks. According to the firm, attackers have already stolen more than $5 million since late May by exploiting the flaw.

This material may contain third-party opinions, none of the data and information on this webpage constitutes investment advice according to our Disclaimer. While we adhere to strict Editorial Integrity, this post may contain references to products from our partners.
Weekly Top Bonuses
up to $2,500
deposit bonus for all clients
CLAIM BONUS
Your capital is at risk.