Crypto attacks in H1 2026 reach 158, with losses dropping to $929M

icon币界网
Share
AI summary iconSummary
In the first half of 2026, the crypto market experienced 158 publicly disclosed security incidents, a record high for the period. Total losses decreased to $929 million, down from $2.3 billion in the same period of 2025. Smaller-scale attacks became more frequent, with Ethereum being the top target, recording 56 incidents. The largest breach occurred at Drift Protocol, resulting in $295 million in losses. Hackers linked to North Korea were responsible for 66% of the total losses. Traders monitoring altcoins should remain cautious as the market continues to evolve.
CoinDesk reports:

According to aggregated data from blockchain security firm SlowMist, the cryptocurrency industry experienced 158 publicly disclosed security incidents in the first half of 2026, the highest number on record for the same period. However, the total amount stolen amounted to approximately $929 million, significantly lower than the $2.3 billion lost during the same period in 2025.

This means that attack activity continues to rise, but the scale of losses per individual incident has decreased compared to last year. The report suggests that hackers are increasingly shifting toward more frequent, medium-to-small-sized attacks rather than focusing solely on a few ultra-large-scale incidents.

The stolen amounts are concentrated in a few major cases.

The largest single incident in the first half of the year occurred at Drift Protocol, with losses of approximately $295 million, making it the highest-value crypto attack of the first half of this year. The report also noted that thefts attributed to North Korea-linked hacker groups amounted to approximately $643 million, accounting for about 66% of all stolen funds.

Researchers say this data highlights a clear distinction between ordinary attackers and organized, state-backed hacking groups, which are often capable of carrying out larger-scale attacks.

  • Publicly disclosed security incidents: 158
  • Total loss for the first half of the year: approximately $929 million
  • Percentage of hackers related to North Korea: approximately 66%

Ethereum remains the primary target of attacks.

Looking at the distribution by chain, Ethereum was the most targeted blockchain, with 56 incidents recorded in the first half of the year, followed by BNB Chain, Base, and Arbitrum. The report attributes this to Ethereum’s dominant position in DeFi and the large amount of assets locked on the chain.

By month, May saw the highest number of attacks at 41, followed by June and April with 36 and 34 attacks, respectively. In terms of financial loss, April was the most severe, with approximately $631 million stolen in a single month, accounting for nearly 68% of the total losses in the first half of the year.

Private key compromise and increased oracle risk

The report states that smart contract vulnerabilities remain the most common attack vector, but the largest financial losses stem from compromised private keys and administrator credentials, accounting for approximately 40% of total losses. Cases involved include Drift Protocol, Humanity Protocol, Resolv, Wasabi Protocol, Gravity Bridge, Fluid, StablR, and Polymarket.

Beyond private key leaks, oracle manipulation remains a high-risk vulnerability in DeFi. Cases such as Blend Pools V2, Aave V3, Sharwa Finance, Edel, and Ploutos Money demonstrate that once price data is compromised, attackers can exploit it to transfer funds and drain liquidity. Even projects that have undergone security audits can suffer damage if their price sources fail.

The report also notes that AI-driven crypto scams are on the rise. According to Chainalysis’s previously released 2026 Crypto Crime Report, these scams are approximately 4.5 times more profitable than traditional frauds. Attackers are using AI-generated videos and voice clips to bypass exchange authentication, deceive customer support, or impersonate corporate executives to initiate large fund transfers.

The recovery rate of funds remains low.

Of the larger-scale attacks in the first half of the year, only one project fully recovered its stolen assets, while two others collectively froze over $74 million. The report states that more than $620 million remains largely unrecoverable.

Looking at long-term data, since Bitcoin's inception, there have been 2,172 publicly disclosed blockchain security incidents, resulting in cumulative losses exceeding $37.88 billion. The report shows that the attack surface has expanded from early smart contract vulnerabilities to include private keys, cross-chain bridges, centralized exchanges, wallets, governance mechanisms, and third-party infrastructure.

Disclaimer: The information on this page may have been obtained from third parties and does not necessarily reflect the views or opinions of KuCoin. This content is provided for general informational purposes only, without any representation or warranty of any kind, nor shall it be construed as financial or investment advice. KuCoin shall not be liable for any errors or omissions, or for any outcomes resulting from the use of this information. Investments in digital assets can be risky. Please carefully evaluate the risks of a product and your risk tolerance based on your own financial circumstances. For more information, please refer to our Terms of Use and Risk Disclosure.