Crypto

Crypto hacks double despite 57% drop in stolen funds in H1 2026




The cryptocurrency industry suffered a record number of cyberattacks in the first half of 2026 despite a sharp drop in the total amount of money stolen, showing that hackers are becoming more active and more sophisticated rather than less dangerous.

According to a new report by blockchain intelligence firm TRM Labs, hackers stole about $972 million worth of cryptocurrencies between January and June 2026. While this represents a 57 percent decline from the $2.3 billion stolen during the same period in 2025, the number of successful attacks surged to an all-time high.

TRM Labs recorded 207 successful hacks and exploits in the first six months of 2026, more than double the 83 incidents reported a year earlier. The second quarter alone witnessed 123 attacks, making it the busiest six-month period ever recorded for crypto security breaches.

The figures suggest that the industry’s apparent improvement is misleading.

“The numbers tell two very different stories at once. We recorded more crypto hacks in the first six months of 2026 than in any prior half-year period on record, but total losses fell sharply, almost entirely because North Korea did not execute another operation on the scale of last year’s $1.5 billion Bybit hack,” said Ari Redbord, global head of Policy and Government Affairs at TRM Labs.

He warned that the underlying cyber threat has become “more sophisticated and more dangerous.”

Read also: Climate change now fuels Nigeria’s security crisis, scientists warn

Fewer dollars stolen, but more attacks

Industry analysts say the lower amount stolen does not mean crypto platforms have become safer.

Instead, the decline was largely because 2025 included the $1.5 billion Bybit hack, one of the biggest crypto thefts in history. Without that single attack, the difference between both years would have been much smaller.

The latest figures show hackers are now launching many more attacks, although most are smaller than the mega-heists seen in previous years.

This changing pattern means crypto firms face constant pressure from cybercriminals instead of only occasional large-scale attacks.

Hackers now target people instead of code

One of the biggest shifts this year is how criminals are breaking into crypto systems.

Earlier attacks often exploited weaknesses in smart contracts—the software that powers decentralised finance (DeFi). But security experts say attackers are increasingly bypassing the technology and targeting people.

During the first quarter, phishing and social engineering scams accounted for $306 million of the $482.6 million lost. One victim alone lost $282 million after revealing recovery credentials during a fake IT support call involving a hardware wallet.

Meanwhile, smart contract exploits caused just $86.2 million in losses, although the number of such attacks continued to rise.

Security researchers say hackers now find it easier to deceive employees, compromise private keys, or steal administrator credentials than to crack well-audited blockchain code.

April became crypto’s worst month

The industry’s biggest setback came in April.

Within less than three weeks, hackers stole more than $600 million, making it the worst month for crypto security on record.

Two attacks accounted for most of the damage.

The first targeted Drift Protocol, where attackers linked to North Korea reportedly spent months manipulating employees before bypassing multi-signature security controls, resulting in losses of about $285 million.

Weeks later, KelpDAO lost around $292 million after attackers compromised a verifier used by its cross-chain bridge and created fake collateral that was later used on lending platforms.

These incidents demonstrated that operational failures, not coding mistakes, are now creating the biggest financial risks.

North Korea remains the biggest threat

TRM Labs estimates that North Korea-linked hacking groups were responsible for about $643 million, or 66 percent, of all crypto funds stolen during the first half of the year.

Groups such as Lazarus and its TraderTraitor unit continue to dominate global crypto theft despite stealing far less than the estimated $1.7 billion attributed to North Korea during the first half of 2025.

According to blockchain investigators, North Korea also earns cryptocurrency through phishing operations, fake IT worker schemes and online scams, making hacking only one part of its broader cyber strategy.

Infrastructure becomes the weakest link

Perhaps the report’s most important finding is that 76 percent of all stolen funds came from attacks on private keys, custody systems and digital signing infrastructure.

These operational failures represented only 15 percent of total attacks, yet produced more than three-quarters of all financial losses.

By comparison, smart contract exploits made up 60 percent of all incidents but accounted for only about 17 percent of the money stolen.

“What I find most concerning is how concentrated these losses are in infrastructure failures. The industry has improved at auditing code, but our operational security has not kept pace with our on-chain complexity,” Redbord said.

Read also: Nigeria completes global aircraft manufacturers’ engagement with Bombardier visit

Second half may be more challenging

Cybersecurity experts warn that the record number of attacks suggests the crypto ecosystem remains under intense pressure heading into the second half of 2026.

They say exchanges, wallet providers and decentralised finance platforms should strengthen employee security, protect private keys and improve internal controls.

The latest figures indicate that while hackers may be stealing less money per attack, they are striking more often than ever before, making cyber resilience one of the industry’s biggest priorities for the rest of the year.

Royal Ibeh is a senior journalist with years of experience reporting on Nigeria’s technology and health sectors. She currently covers the Technology and Health beats for BusinessDay newspaper, where she writes in-depth stories on digital innovation, telecom infrastructure, healthcare systems, and public health policies.


Related Articles

Leave a Reply

Your email address will not be published. Required fields are marked *

Back to top button