ChainThink reports, according to Cointelegraph, that blockchain security firm Hacken’s Q1 2026 report revealed that Web3 projects suffered $464.5 million in losses due to hacks and scams during the quarter, with phishing and social engineering attacks accounting for $306 million—the primary source of losses.
In January, a hardware wallet scam resulted in $282 million in losses, accounting for 81% of the quarter’s total losses. Additionally, smart contract vulnerabilities caused $86.2 million in losses, and access control failures (including compromised keys and cloud services) led to $71.9 million in losses.
The report indicates that the largest security incidents occur primarily in off-chain operations and infrastructure layers, which traditional audits struggle to cover. The European regulatory frameworks MiCA and DORA are increasingly demanding stronger security monitoring and incident response measures, while global regulators are raising standards for real-time monitoring and emergency response.
