Crypto Prices

Decline in Crypto Losses Shouldn’t Deter Concerns, Warns CertiK

7 hours ago
2 mins read
1 views

Cryptocurrency Losses in 2026

The first half of 2026 has seen a notable decrease in cryptocurrency-related losses, plunging 46.8% year-on-year to $1.32 billion. However, CertiK, a leading blockchain security firm, cautions against interpreting this drop as a sign of improved safety within the digital asset landscape. Their report for the first half of the year suggests that this decline is primarily attributable to the absence of major security breaches, like the staggering $1.4 billion Bybit hack that occurred during the same timeframe in the previous year.

Shifting Nature of Attacks

CertiK highlights that simply looking at aggregate figures offers a misleading snapshot, as the nature of attacks is shifting. Instead of conducting randomly orchestrated assaults, hackers are focusing more on targeted attacks, which tend to cause significantly greater losses per incident. Examining the specifics, phishing scams were the most common type of cryptocurrency theft in the first quarter of 2026, with losses hitting $508.2 million. Nonetheless, the second quarter showcased a worrying trend with wallet compromises surging to dominate the landscape, leading to an alarming $807.5 million in stolen assets, primarily driven by two significant breaches.

CertiK reports that over 70% of the losses in the second quarter were linked to assaults on KelpDAO and Drift Protocol, both believed to be executed by state-sponsored hackers from North Korea. While the total losses might appear reduced, CertiK argues that the overall risk to the cryptocurrency sector may actually be increasing in the wake of these events compared to last year. If one disregards the unprecedented Bybit incident, they note that individual breaches are increasingly financially damaging and tend to focus on high-value targets rather than opportunistic hits.

Insights from TRM Labs

Complementing these findings, a report from blockchain analytics company TRM Labs reinforces this viewpoint. Their analysis also notes that the reported drop in stolen assets does not suggest a diminishing capability among attackers, but rather lacks any record-breaking thefts similar to previous high-profile hacks like Bybit. In fact, they found that the total security incidents connected to cryptocurrencies surged from 83 in the first half of 2025 to an astonishing 207 in 2026, the highest level recorded in a semi-annual period. Smart contract hacks accounted for 125 of these incidents, amounting to approximately 60% of the overall attacks.

Vulnerabilities and Recommendations

CertiK identifies weak private key management and multisignature wallet governance as critical vulnerabilities needing significant improvement. They recommend that cryptocurrency protocols and organizations handling large onchain assets bolster the security of their key management systems—this includes enhancing hardware security, governance models for multisignature controls, and geographically diversifying wallet signers. These enhancements could provide considerable security advantages by reducing the impact of attacks on sensitive assets.

The Threat of North Korean Cyber Operations

The specter of North Korean cyber operations continues to loom large, with TRM Labs noting that these hackers have pilfered upwards of $6 billion worth of cryptocurrency since 2017. Recent incidents involving KelpDAO and Drift Protocol have prompted urgent discussions among government officials from the United States, Japan, and South Korea, who are strategizing ways to mitigate North Korea’s cyber intrusion efforts and the revenue derived from cryptocurrency theft. During these talks, officials noted that North Korean cyber operatives are increasingly leveraging artificial intelligence to elevate their cyber capabilities, which poses heightened detection challenges for cybersecurity processes. Experts further warn that AI-assisted techniques are making vulnerabilities in protocols increasingly difficult to identify and protect against.

Preventative Measures

As a preventative measure, hardware wallet provider Ledger has maintained its guidance for cryptocurrency users to keep their recovery seed phrases offline and confidential, underscoring these practices as fundamental yet vital defenses against phishing schemes and unwarranted wallet access.

Popular