CertiK exposes hidden truth behind crypto’s 50% loss drop
Crypto-related losses have fallen 46.8% year over year to $1.32 billion during the first half of 2026, but blockchain security firm CertiK has warned that the decline does not indicate a safer digital asset ecosystem.
- CertiK says crypto losses fell 46.8% to $1.32 billion in H1 2026, but the decline does not mean the industry has become safer.
- Wallet compromises replaced phishing as the biggest attack method in Q2, with North Korean-linked attacks driving most major losses.
- CertiK and TRM Labs warn that attackers are becoming more targeted and sophisticated, making private key security a top priority.
According to CertiK's H1 2026 security report, the lower loss figure is heavily influenced by the absence of an event on the scale of the $1.4 billion Bybit exploit recorded in the same period last year.
The firm said a simple comparison of headline numbers creates a misleading impression because attackers are carrying out fewer random campaigns and instead executing more targeted operations that inflict heavier damage per incident.
Breaking down the first-half figures, CertiK reported that phishing remained the leading cause of crypto theft during the first quarter, resulting in losses of $508.2 million. During the second quarter, however, wallet compromises overtook phishing as the largest attack method, accounting for $807.5 million in stolen assets.
A significant share of those losses came from just two major incidents. CertiK said more than 70% of the second-quarter total stemmed from attacks targeting KelpDAO and Drift Protocol, both of which are believed to have been carried out by North Korean state-sponsored hackers.
While total losses appear lower, CertiK said the industry is facing a structurally higher rate of attack activity than a year earlier. Excluding the exceptional Bybit hack from 2025, the firm concluded that individual attacks are becoming more financially damaging and increasingly focused on high-value targets instead of opportunistic exploits.
Separate findings from blockchain intelligence firm TRM Labs support that assessment. In its H1 2026 report released on Wednesday, TRM Labs said the decline in the total value stolen should not be interpreted as evidence that attackers have become less capable. According to the firm, the lower figure is largely the result of there being no record-breaking theft comparable to the Bybit incident during the reporting period.
TRM Labs also found that the number of crypto-related security incidents rose sharply from 83 in the first half of last year to 207 in H1 2026, the highest six-month total the company has recorded. Its analysis further showed that smart contract exploits accounted for 125 incidents, representing roughly 60% of all recorded attacks.
Alongside its assessment of attack trends, CertiK identified private key management and multisignature wallet controls as the most critical areas requiring stronger protection. The firm recommended that crypto protocols and institutions securing substantial onchain assets strengthen every layer of key management, including hardware security, multisignature governance and geographic distribution of wallet signers.
CertiK said investments in these controls can produce disproportionately strong security benefits because they directly reduce the impact of attacks targeting sensitive wallet infrastructure.
Attention has also turned to the growing role of North Korean cyber operations. According to TRM Labs, North Korean hackers have stolen more than $6 billion worth of cryptocurrency since 2017. The recent attacks linked to KelpDAO and Drift Protocol prompted officials from the United States, Japan and South Korea to meet late last month to discuss ways to curb North Korea's cyber activity and the illicit revenue generated through crypto theft.
During those discussions, government representatives acknowledged that North Korean IT workers are increasingly using artificial intelligence to improve the scale, speed and sophistication of cyber operations. Several cybersecurity leaders have separately warned that AI-assisted techniques are making protocol exploits harder to detect and defend against.
Meanwhile, hardware wallet maker Ledger has continued to advise crypto users to keep recovery seed phrases offline and never disclose them, describing those practices as basic but essential safeguards against phishing attacks and unauthorized wallet access.
Disclaimer: This content is provided for general branding and informational purposes only and doesn't constitute financial, investment, legal, or tax advice. Any events, rewards, online events, or related information mentioned herein should not be considered a recommendation, solicitation, or invitation to purchase, sell, trade, or otherwise deal in any crypto assets or to use any services. Crypto assets are highly volatile and may result in loss. WEEX services and online events may not be available in all regions and are subject to applicable laws, regulations, and eligibility requirements. You are responsible for ensuring that your use of WEEX services complies with local laws and for carefully assessing the risks before participating in any crypto-related activities.
You may also like

Home Robot NEO Grows "Dexterous Hands": How Do Hands Become the API to the Physical World?

What is SCEX? The Cryptocurrency Exchange for Vietnam's Market by Sacombank

Major Update for ChatGPT: Cross-Platform Functionality, One-Click Website Creation, and Lower Costs

BTC Challenges 64,000 After Breaking 63,000, Market Trading 'Manageable Risks'

As the Bubble Bursts, Who Dominates Attention in the AI Era? A 2026 Guide to Influential AI KOLs in China and the UK

Old Money in Crypto Shifts: Paradigm Raises $1.2 Billion, Half Bet on AI and Robotics

Bitdeer unveils $36M Nevada factory to shake up Bitcoin mining

Perplexity Fine-Tuned a Chinese AI Model to Match Claude Opus 4.8 at One-Third the Cost

Bank of Korea defends bank-first stablecoin plan amid bill deadlock

JPMorgan says bitcoin's main risk isn't Strategy, but blockchain adoption that doesn't benefit public chains and tokens

Fear & Greed Index Today: What Extreme Fear Means for Crypto, Stocks and Gold

Labour MPs Push to Make UK Crypto Donation Ban Permanent

Supreme Court ruling expanding Trump's authority over federal agencies raises questions for SEC, CFTC as crypto rulemaking advances

'Bottom building in progress': Analysts say bitcoin holder capitulation signals late-stage bear market

A Comprehensive Analysis: Starting from 1996, Who is Laying the Foundation for the Next Generation of Capital Markets

Luke Dashjr, the Biggest Anti-Spammer of Bitcoin, Inscribed Phrases on the Network in 2011

Whales bought 270,000 BTC while ETFs bled $7 billion. One side is wrong

The crypto IPO class of 2025-26 is down as much as 89%. Autopsy of a listing boom

Robinhood Chain Mining Guide: A Comprehensive Tutorial from Cross-Chain to Memecoin

BitGo CEO says single-digit percentages of bitcoin's supply are 'probably right' for large holders amid Strategy's sale

Beyond Private Keys: How to Safeguard the Security Boundaries of Web3 from Wallets, L2 to Supply Chains?

Vanguard Enters the Market, Opening a New Crypto Gateway for 50 Million Traditional Investors

Why the OUSD Alliance of 150 Companies Still Cannot Shake USDT and USDC?

Citigroup Analysis: Is There Still 47% Upside for Nvidia? Can Rubin and CPO Deliver?
WEEX API Fast Connect: Turn Every Sign-In Into a Live Trader in Under 10 Seconds
WEEX API Fast Connect is a one-click OAuth authorization system that lets your users link their WEEX account without ever touching an API key. Frictionless onboarding, faster conversions, higher retention — built for WEEX Broker partners.

Bitcoin's dwindling exchange reserves don't pack the same bullish punch anymore

From Le Mans to the Rollercoaster: Carl Moon Takes On Portimão
Crypto world renowned KOL and racing driver Carl Moon, backed by WEEX, heads to the Ferrari Challenge Portugal round at the Algarve International Circuit, July 16–19, fresh off a podium finish at Le Mans. Here's why this race is one to watch.
Fast execution. Split-second accuracy. Security that never blinks. That's WEEX — and that's exactly how Carl races.

The Downfall of a Public Company: A $1.46 Billion Bet on WLFI, $540 Million Went to the Trump Family

Dragonfly Partner: BTC is Intergenerational Wealth, Optimistic About ETH and SOL






