H1 crypto losses down 47% — hackers just got pickier, not politer 🎯
Back to feed

H1 crypto losses down 47% — hackers just got pickier, not politer 🎯

Crypto losses fell 46.8% year-on-year to $1.32 billion in the first half of 2026, but security firms CertiK and TRM Labs said the decline is misleading, warning that attackers are becoming more targeted and destructive per incident. CertiK told Cointelegraph that a headline reading of "losses down nearly 50% would suggest a meaningfully safer ecosystem," adding, "The data does not support that conclusion." CertiK noted that the prior-year period was skewed by the $1.4 billion Bybit hack, the largest crypto exploit in history, and that excluding that event the industry is absorbing a structurally higher rate of attack activity.

Phishing drove the bulk of losses in the first quarter at $508.2 million, while wallet compromises were the largest attack vector in the second quarter, contributing $807.5 million. More than 70% of Q2 losses stemmed from the KelpDAO and Drift Protocol hacks, which are believed to have been carried out by North Korean state-sponsored hackers. TRM Labs estimated in April that North Korean hackers have stolen more than $6 billion worth of crypto since 2017, and the KelpDAO and Drift incidents prompted a meeting between US, Japanese and South Korean authorities late last month over how to mitigate North Korea's malicious cyber activity. State officials also acknowledged that North Korean IT workers are increasingly using AI to enhance their schemes.

TRM Labs' H1 2026 report, released Wednesday, found that the number of incidents more than doubled from 83 to 207, the highest six-month total TRM has recorded, with smart contract exploits accounting for 125 incidents, or 60% of the total. "The decline in total dollars stolen should not be mistaken for a safer environment," TRM said. "The lower total reflects the absence of another record setting theft, not a reduction in attacker capability."

CertiK identified private keys and multisignature wallet management as the most consequential security surface for attackers to exploit, and urged crypto protocols and institutions holding significant onchain assets to harden every layer of private key management — from hardware security and multisignature governance to geographically distributing where signers are based.

Share:
Publishercryptonewsroom.xyz
Published
CategorySecurity

Disclaimer: This content is for information and entertainment purposes only. It does not constitute financial, investment, legal, or tax advice. Always do your own research and consult with qualified professionals before making any financial decisions.

See our Terms of Service, Privacy Policy, and Editorial Policy.