Close Menu
Crypto Breaking News
    Crypto Breaking News
    • News
      • Press Release
      • Featured
      • Events
      • Exchanges
      • Bitcoin
      • Ethereum
      • Solana
      • Ripple
      • Artificial Intelligence (AI)
      • Real World Assets (RWA)
      • Markets & Finance
      • Regulation & Policy
      • Press Releases by PR Newswire
      • News by CoinPedia
      • News by Coincu
      • News by Blockchain Wire
    • Crypto
      • Companies
      • Events
      • Partners
      • Buy Crypto
      • Timers
    • Advertise
      • Submit a Press Release
      • Logos
      • About
      • Services
    • Offers
      • Marketing Services
      • Wallets & Tools
    • Account
    • Video
    • Contact
    Submit PR
    Crypto Breaking News
    Crypto News

    Crypto Hacks Drop 47% in H1, but Smart-Contract Risks Persist: CertiK

    17 seconds ago
    FacebookTwitterLinkedInCopy Link
    News Feed
    Google NewsRSS
    Crypto Hacks Drop 47% In H1, But Smart-Contract Risks Persist: Certik
    Crypto Hacks Drop 47% In H1, But Smart-Contract Risks Persist: Certik

    Crypto losses from hacks and scams dropped in the first half of 2026, according to new figures cited by CertiK. In the period, overall losses fell 46.8% year-on-year to $1.32 billion—yet the security firm argues the headline decline is deceptive, pointing to a shift toward more targeted and destructive attacks.

    CertiK’s report breaks the half-year down by quarter: phishing drove $508.2 million in losses in Q1, while wallet compromises became the dominant threat in Q2 with $807.5 million attributed to that attack vector. The firm also highlighted that more than 70% of Q2 losses came from two major incidents—KelpDAO and Drift Protocol—events tied to North Korean state-sponsored hacking activity.

    Key takeaways

    • First-half 2026 crypto losses fell 46.8% year-on-year to $1.32 billion, but CertiK says the reduction does not indicate a safer ecosystem.
    • Attack dynamics shifted: phishing dominated Q1 ($508.2M), while wallet compromises were the largest driver in Q2 ($807.5M).
    • Over 70% of Q2 losses were linked to the KelpDAO and Drift Protocol hacks, which are believed to involve North Korean state-sponsored actors.
    • CertiK warns attackers are becoming more “targeted and more financially destructive per event,” even if total dollars stolen appear lower.
    • TRM Labs reported a sharp rise in the number of incidents in H1 2026 (83 to 207), reinforcing that volume—not just dollar totals—matters.

    Why “losses down” may be the wrong signal

    At first glance, the year-on-year decline looks encouraging. CertiK, however, cautions against interpreting the data as evidence that security has improved. The firm told Cointelegraph that a “headline reading” of losses down nearly 50% could mislead readers because the prior-year comparison was distorted by an exceptionally large theft.

    CertiK specifically referenced the $1.4 billion Bybit hack as the type of outlier that can skew year-over-year comparisons. In the same reporting, CertiK noted that such comparisons can mask underlying changes in attacker behavior—particularly as threat actors adapt tactics and select targets more precisely.

    This is where the firm’s analysis becomes investor- and operator-relevant: if the ecosystem is seeing fewer total dollars stolen but more attacks that are more damaging per incident, then risk is not actually decreasing. Traders may feel this first as volatility tied to exploit headlines, but the deeper impact lands on protocols, custodians, and institutions that must continually adjust defensive controls.

    Phishing vs. wallet compromise: Q1 and Q2 split

    CertiK’s quarterly breakdown shows how different attack categories shaped the first half of the year. In Q1, phishing was responsible for the bulk of losses, totaling $508.2 million. By Q2, the picture changed significantly: wallet compromises contributed $807.5 million, making that category the largest single driver of losses during the quarter.

    For market participants and builders, that shift matters because it points to different failure modes. Phishing typically targets human behavior—seed phrases, approvals, and credentials—while wallet compromise often reflects deeper weaknesses around key custody, multisignature operations, signing procedures, and operational security. The change in the dominant vector suggests defenders cannot rely on improvements in one area alone; they have to treat the security stack as layered.

    North Korean hacking remains central, and volume may be rising

    CertiK’s report places disproportionate emphasis on state-linked activity during Q2. More than 70% of the losses in the quarter came from the KelpDAO and Drift Protocol hacks. Cointelegraph previously reported on both incidents, including coverage of KelpDAO being exploited and the Drift Protocol hack raising questions about the protocol’s response.

    Beyond the immediate losses, the incidents also intersect with government-level discussion. The attacks reportedly even prompted a late-month meeting between US, Japanese and South Korean authorities focused on mitigating North Korea’s cyber activity and illicit revenue generation. Officials also acknowledged that North Korean IT workers are increasingly using AI to improve their schemes—an issue cybersecurity leaders believe can increase the scale, speed, and sophistication of protocol exploitation.

    CertiK’s broader warning aligns with another dataset. TRM Labs, in its H1 2026 reporting, argued that declining total dollars stolen should not be mistaken for a safer environment. In TRM’s analysis, the number of incidents more than doubled from 83 to 207 in the first half of 2026, the highest number TRM has recorded across a six-month period. TRM also found that smart contract exploits accounted for 125 incidents—about 60% of all events—in H1.

    That juxtaposition is important: even if fewer dollars are being stolen than in a year with record outliers, the ecosystem can still be exposed to a higher frequency of attacks. More incidents mean more operational disruptions, more incident response overhead, and more opportunities for failures—especially in fast-moving DeFi environments.

    Private key management: the “most consequential” security surface

    CertiK singled out private key handling as the area most likely to determine outcomes for attackers. According to the firm, private keys and multisignature wallet management remain the “most consequential security surface” for exploitation—particularly because weaknesses there can enable large transfers even when other controls appear in place.

    To address this, CertiK urged protocols and institutions holding significant onchain assets to harden every layer of private key management. The recommendations span hardware security, multisignature governance, and even the geographic distribution of signers. The core argument is that defenses should be designed to reduce the chance that a single point of compromise results in irreversible loss.

    CertiK also framed security investment as asymmetric: it said this is an area where spending on the right controls can produce unusually large risk reduction relative to the cost. That theme echoes long-standing guidance from hardware wallet providers. For example, Ledger has previously warned users to keep seed phrases offline and never share them, emphasizing that basic operational discipline remains one of the most effective barriers to phishing-driven theft.

    While these recommendations may sound familiar, the data behind them—especially Q2’s wallet compromise losses—underscores that key management is not a “set it and forget it” task. Attackers often shift tactics toward whatever control surface shows the most leverage, and wallet compromise outcomes suggest that leverage is still available to criminals and state-linked groups.

    Looking ahead, the key question is whether the first-half pattern persists: phishing-heavy losses in the first quarter followed by wallet compromises and concentrated state-linked incidents in the next. Readers should watch not only aggregate loss totals, but also incident frequency, which TRM’s reporting suggests is rising—an indicator that the threat environment may be intensifying even when dollar figures temporarily fall.

    Risk & affiliate notice: Crypto assets are volatile and capital is at risk. This article may contain affiliate links. Read full disclosure

    Crypto Breaking News
    • Website
    • Facebook
    • X (Twitter)
    • Pinterest
    • Instagram
    • Tumblr
    • LinkedIn

    The Crypto Breaking News editorial team curates the latest news, updates, and insights from the global cryptocurrency and blockchain industry.

    Related Posts

    Belgian Regulator Identifies 6 Unapproved Crypto Providers After Mica Deadline

    Belgian Regulator Identifies 6 Unapproved Crypto Providers After MiCA Deadline

    1 hour ago
    French Authorities Bust 1 8 Million Fraud Involving Crypto Assets

    French Authorities Bust $1.8 Million Fraud Involving Crypto Assets

    1 hour ago
    South Korea Considers Measures Against Polymarket Over Gambling Rules

    South Korea Considers Measures Against Polymarket Over Gambling Rules

    2 hours ago
    Bitcoin Weekly Update: Why $60.4k Is A Key Price Level

    Bitcoin Weekly Update: Why $60.4K Is a Key Price Level

    3 hours ago
    Dormant $1.9m Bitcoin Linked To Ny Lawsuit Moves After 15 Years

    Dormant $1.9M Bitcoin Linked to NY Lawsuit Moves After 15 Years

    4 hours ago
    Coinspect Warns 'ill Bloom' Flaw Could Expose Thousands Of Crypto Wallets

    Coinspect Warns ‘Ill Bloom’ Flaw Could Expose Thousands of Crypto Wallets

    5 hours ago

    Search Crypto News

    Featured Crypto News

    5 Japanese Crypto Kols Youtube Channels To Follow

    5 Japanese Crypto Kols YouTube Channels to Follow

    4 July 2026
    Why Uk Crypto Exchanges Are Now Competing On Trust, Not Token Counts

    Why UK Crypto Exchanges Are Now Competing on Trust, Not Token Counts

    3 July 2026
    Rain Trade Lets Anyone Create Public Or Private Prediction Markets

    Rain Trade launches its prediction market platform where anyone can create markets

    2 July 2026
    How Ai Is Changing Music: Virtual Artist Lunayah Releases "new Beginning"

    How AI Is Changing Music: Virtual Artist Lunayah Releases “New Beginning”

    1 June 2026

    Latest News

    • Crypto Hacks Drop 47% in H1, but Smart-Contract Risks Persist: CertiK
    • Belgian Regulator Identifies 6 Unapproved Crypto Providers After MiCA Deadline
    • French Authorities Bust $1.8 Million Fraud Involving Crypto Assets
    • South Korea Considers Measures Against Polymarket Over Gambling Rules
    • Bitcoin Weekly Update: Why $60.4K Is a Key Price Level
    • Dormant $1.9M Bitcoin Linked to NY Lawsuit Moves After 15 Years
    • Coinspect Warns ‘Ill Bloom’ Flaw Could Expose Thousands of Crypto Wallets
    • Stablecoin Transfers Reach Record $1.79T in June
    • Nigel Farage Reportedly Took Gifts From Crypto-Linked Fraudster
    • Central Bankers Warn: Agentic AI Could Reshape Finance Risks

    Join 20,000+ Crypto Followers

    • Facebook2.4K
    • Twitter4.5K
    • Instagram7.2K
    • LinkedIn4.3K
    • Telegram55
    • Threads1000
    AVATRADE
    Ledger

    About Crypto Breaking News

    About Crypto Breaking News

    Crypto Breaking News is a fast-growing digital media platform focused on the latest developments in cryptocurrency, blockchain, and Web3 technologies. Our goal is to provide fast, reliable, and insightful content that helps our readers stay ahead in the ever-evolving digital asset space.

    Web3 Digital L.L.C-FZ
    License Number: 2527596
    📞 +971 50 449 2025
    ✉️ info@cryptobreaking.com
    📍Meydan Grandstand, 6th floor, Meydan Road, Nad Al Sheba, Dubai, United Arab Emirates

    FacebookX (Twitter)InstagramPinterestYouTubeTumblrBlueskyLinkedInRedditTikTokTelegramThreadsRSS

    Links

    • Crypto News
    • Submit a Press Release
    • Advertise
    • Contact Us
    • Privacy Policy
    • Disclaimer
    • Terms and Conditions
    • Stocks Breaking News

    advertising

    Crypto.com
    © 2026 CryptoBreaking.com | All rights reserved | Powered by Web3 Digital & Osom One

    Type above and press Enter to search. Press Esc to cancel.

    Change Location
    Find awesome listings near you!