Crypto projects lost more than $1.3 billion to hacks, exploits and scams in the first half of 2026, as attackers shifted toward fewer but more damaging breachesCrypto projects lost more than $1.3 billion to hacks, exploits and scams in the first half of 2026, as attackers shifted toward fewer but more damaging breaches

Crypto Hackers Stole $1.3B in H1 2026 — The Bigger Threat Is How They Attack

2026/07/07 18:00
4 min read
For feedback or concerns regarding this content, please contact us at crypto.news@mexc.com

Crypto projects lost more than $1.3 billion to hacks, exploits and scams in the first half of 2026, as attackers shifted toward fewer but more damaging breaches targeting wallets and critical infrastructure.

According to CertiK’s Hack3d: H1 2026 Report, crypto projects lost about $1.32 billion across 344 incidents in the first half of 2026.

Crypto Hackers Stole $1.3B in H1 2026 — The Bigger Threat Is How They Attack

While that total is lower than the $2.47 billion stolen during the same period last year, researchers say the comparison is skewed by a single $1.45 billion Bybit hack that dominated 2025 figures. 

Excluding the Bybit incident, losses in 2026 were significantly higher than in the comparable period in 2025, suggesting that the overall security environment has not improved. 

“The underlying security environment has not improved; in several meaningful respects, it has deteriorated,” CertiK said in the report. 

Two major crypto security breaches accounted for nearly half of all losses recorded in the first half of 2026. 

The Kelp DAO RPC compromise and Drift Protocol wallet breach together resulted in approximately $576.6 million in losses, showing how a small number of attacks can significantly influence industry-wide security figures.

Excluding these two incidents, total H1 losses would have stood at roughly $739.1 million, closer to historical levels.

The report also highlighted a rise in high-value exploits, with an increasing number of incidents causing more than $1 million in losses. Researchers warned that attackers are becoming more selective, targeting fewer victims but pursuing significantly larger payouts.

Wallet compromises emerged as the most financially damaging attack category in H1 2026, causing more than $444 million in losses across 33 incidents.

The category was driven largely by major breaches such as the Drift Protocol exploit, highlighting a growing threat from attacks targeting private keys and wallet security systems.

While wallet attacks caused the largest financial damage, code vulnerabilities remained the most common attack type, accounting for 204 incidents and more than $151 million in losses.

Researchers noted that attackers are increasingly targeting older smart contracts, suggesting that security risks do not disappear after deployment.

Phishing incidents declined in the first half of 2026 but remained highly damaging, with sophisticated social engineering attacks accounting for nearly 85% of all phishing-related losses. 

The shift suggests attackers are moving away from broad campaigns toward fewer, highly personalized attacks targeting individuals and organizations that control significant on-chain wealth.

Ethereum recorded the highest losses among individual blockchains, with $522.8 million lost across 153 incidents.

Security breaches involving multiple chains accounted for another $339.6 million in losses across 25 incidents, reflecting the growing complexity of attacks targeting cross-chain infrastructure.

Excluding phishing attacks, CertiK identified the ten most costly incidents of H1 2026.

Kelp DAO ranked as the largest incident, with losses of $291.3 million, followed by Drift Protocol at $285.3 million.

Other major incidents included Humanity Protocol ($33 million), Step Finance ($27.3 million), Resolv ($26.8 million), Truebit ($26.7 million), Rhea Finance ($18.5 million), Grinex ($16.2 million), JaredFromSubway ($7.47 million), and an unidentified contract labeled 0xD8B4a ($6.59 million).

The second quarter of 2026 accounted for the majority of H1 losses, with hackers stealing more than $807 million across 194 incidents.

Although overall losses remained similar to the previous year, the increase in incident frequency and higher median losses suggest that crypto security challenges are becoming more severe.

The report highlights a growing industry challenge: attackers are increasingly targeting high-value wallets, critical infrastructure and older smart contracts rather than relying only on newly discovered vulnerabilities. As more capital moves on-chain, stronger controls around private keys, audits and operational security are becoming increasingly important.

Keep up to date with DailyCoin’s hottest crypto news:
Altcoins Sink in Q2, but One Token’s 1,700% Rally Skews the Picture
How SWIFT Is Testing Out XRP Bridge Liquidity Now

World Cup Combo: Aim for 200x

World Cup Combo: Aim for 200xWorld Cup Combo: Aim for 200x

Combine up to 20 World Cup matches in one order

Disclaimer: The articles reposted on this site are sourced from public platforms and are provided for informational purposes only. They do not necessarily reflect the views of MEXC. All rights remain with the original authors. If you believe any content infringes on third-party rights, please contact crypto.news@mexc.com for removal. MEXC makes no guarantees regarding the accuracy, completeness, or timeliness of the content and is not responsible for any actions taken based on the information provided. The content does not constitute financial, legal, or other professional advice, nor should it be considered a recommendation or endorsement by MEXC.

$5M in SPCX Positions for Free

$5M in SPCX Positions for Free$5M in SPCX Positions for Free

0 fees, 100x leverage, daily prizes, 7K+ stocks/ETFs