Crypto Hackers Stole $1.3B in H1 2026 — The Bigger Threat Is How They Attack 

CertiK report reveals fewer but more devastating attacks targeting wallets, infrastructure and high-value crypto assets.

Follow on Google News
Crypto Hackers Stole $1.3B in H1 2026 — The Bigger Threat Is How They Attack 

Crypto projects lost more than $1.3 billion to hacks, exploits and scams in the first half of 2026, as attackers shifted toward fewer but more damaging breaches targeting wallets and critical infrastructure.

Crypto Security Losses Remain High

According to CertiK’s Hack3d: H1 2026 Report, crypto projects lost about $1.32 billion across 344 incidents in the first half of 2026.

While that total is lower than the $2.47 billion stolen during the same period last year, researchers say the comparison is skewed by a single $1.45 billion Bybit hack that dominated 2025 figures. 

Excluding the Bybit incident, losses in 2026 were significantly higher than in the comparable period in 2025, suggesting that the overall security environment has not improved. 

“The underlying security environment has not improved; in several meaningful respects, it has deteriorated,” CertiK said in the report. 

A Few Mega-Exploits Drove Nearly Half of All Losses

Two major crypto security breaches accounted for nearly half of all losses recorded in the first half of 2026. 

The Kelp DAO RPC compromise and Drift Protocol wallet breach together resulted in approximately $576.6 million in losses, showing how a small number of attacks can significantly influence industry-wide security figures.

Excluding these two incidents, total H1 losses would have stood at roughly $739.1 million, closer to historical levels.

The report also highlighted a rise in high-value exploits, with an increasing number of incidents causing more than $1 million in losses. Researchers warned that attackers are becoming more selective, targeting fewer victims but pursuing significantly larger payouts.

Wallet Attacks Become Crypto’s Biggest Security Threat

Wallet compromises emerged as the most financially damaging attack category in H1 2026, causing more than $444 million in losses across 33 incidents.

The category was driven largely by major breaches such as the Drift Protocol exploit, highlighting a growing threat from attacks targeting private keys and wallet security systems.

Smart Contract Bugs Remain the Most Common Entry Point

While wallet attacks caused the largest financial damage, code vulnerabilities remained the most common attack type, accounting for 204 incidents and more than $151 million in losses.

Researchers noted that attackers are increasingly targeting older smart contracts, suggesting that security risks do not disappear after deployment.

Phishing Gets More Targeted as Attackers Chase Bigger Rewards

Phishing incidents declined in the first half of 2026 but remained highly damaging, with sophisticated social engineering attacks accounting for nearly 85% of all phishing-related losses. 

The shift suggests attackers are moving away from broad campaigns toward fewer, highly personalized attacks targeting individuals and organizations that control significant on-chain wealth.

Ethereum Records Highest Blockchain Losses

Ethereum recorded the highest losses among individual blockchains, with $522.8 million lost across 153 incidents.

Security breaches involving multiple chains accounted for another $339.6 million in losses across 25 incidents, reflecting the growing complexity of attacks targeting cross-chain infrastructure.

Kelp DAO and Drift Protocol Dominate the Year’s Biggest Exploits

Excluding phishing attacks, CertiK identified the ten most costly incidents of H1 2026.

Kelp DAO ranked as the largest incident, with losses of $291.3 million, followed by Drift Protocol at $285.3 million.

Other major incidents included Humanity Protocol ($33 million), Step Finance ($27.3 million), Resolv ($26.8 million), Truebit ($26.7 million), Rhea Finance ($18.5 million), Grinex ($16.2 million), JaredFromSubway ($7.47 million), and an unidentified contract labeled 0xD8B4a ($6.59 million).

Why This Matters

The second quarter of 2026 accounted for the majority of H1 losses, with hackers stealing more than $807 million across 194 incidents.

Although overall losses remained similar to the previous year, the increase in incident frequency and higher median losses suggest that crypto security challenges are becoming more severe.

The report highlights a growing industry challenge: attackers are increasingly targeting high-value wallets, critical infrastructure and older smart contracts rather than relying only on newly discovered vulnerabilities. As more capital moves on-chain, stronger controls around private keys, audits and operational security are becoming increasingly important.

Keep up to date with DailyCoin’s hottest crypto news:
Altcoins Sink in Q2, but One Token’s 1,700% Rally Skews the Picture
How SWIFT Is Testing Out XRP Bridge Liquidity Now

DailyCoin's Vibe Check: Which way are you leaning towards after reading this article?
Market Sentiment
0% Neutral