Decline in Crypto-Related Thefts
In a significant shift, blockchain security firm CertiK has revealed a dramatic decline in crypto-related thefts, with May witnessing losses totaling $68.3 million. This figure marks a staggering drop of nearly 90% compared to the approximately $650 million reported in April. The month of May is notable as it marks only the third occasion in 2026 that the losses have stayed below the $100 million threshold, alongside a concerning April that had recorded losses exacerbated by the major Bybit hack in February 2025.
Details of Losses
The $68.3 million lost in May included around $2.6 million linked to phishing attacks. Despite the overall decline, several key attacks still transpired. The most substantial incident involved Verus Protocol, where an exploit on its cross-chain bridge on May 18 resulted in losses of $11.5 million, making it the most significant breach of the month. Following closely was an ensuing attack on THORChain, where roughly $10.1 million was stolen.
Analysis of Losses
A granular analysis of the losses pointed to code vulnerabilities as the primary source, causing approximately $45 million, or about 66% of the total losses. Additionally, incidents involving compromised wallets and private keys accounted for $13.7 million in losses, indicating a continued risk associated with basic security practices.
Cross-Chain Exploits
The data also revealed that cross-chain infrastructure, specifically exploits of cross-chain bridges, was particularly attractive to malicious actors, totaling $28.6 million in losses for May, reflecting 42% of the month’s aggregated losses. Throughout the month, a total of 29 security breaches were logged by DeFiLlama, including seven incidents related to compromised private keys.
Recent Attacks and Evolving Threats
Recent attacks included significant exploits targeting Alephium Bridge and Gravity Bridge on May 30, which together resulted in total losses of approximately $6.2 million. Despite the decrease in total losses, researchers at CertiK caution ongoing vigilance against evolving attack methodologies. In prior discussions, CertiK’s senior investigator, Natalie Newson, highlighted a concerning trend: attackers are increasingly integrating social engineering tactics with sophisticated technologies such as AI to execute large-scale breaches.
Future Implications and Recommendations
The rise in AI-assisted cybercrime tools, capable of creating deepfakes and automatically generating exploit codes, is further complicating the landscape. This may signal a future where vulnerabilities in both cross-chain systems and private key management are exploited in increasingly advanced manners.
As the crypto community navigates these developments, CertiK has urged users to heighten their cybersecurity practices: verifying website authenticity, scrutinizing smart contracts, and considering cold wallets for enhanced protection against cyber threats.
