Crypto news

06.07.2026
22:31

The crypto industry lost $1.32 billion in the first half of 2026: an analysis of real trends

In the first six months of 2026, the crypto industry faced losses of $1.32 billion due to cyberattacks and security incidents. At first glance, this is 46.8% less compared to the same period in 2025. However, a more alarming picture lies behind these figures.

The key factor distorting the statistics is the $1.4 billion hack of the Bybit exchange, which occurred last year. If this single outlier is excluded, the actual reduction in losses turns out to be much more modest. Moreover, in the second quarter of 2026, damages increased by 59% compared to the first quarter, reaching $807.5 million. This indicates that attacks are becoming more targeted and destructive: the average damage per major incident is steadily rising.

Key Threats of the Second Quarter

The main contribution to the increase in losses in the second quarter came from two attacks: on the KelpDAO and Drift Protocol protocols. They accounted for more than 70% of all quarterly losses. Phishing dominated in the first quarter, but wallet compromise took the lead in the second. At the same time, complex incidents like the attack on Drift Protocol combined social engineering with the seizure of administrative procedures, going far beyond simple key theft.

Infrastructure Risks and the Role of the DPRK

Data from TRM Labs paints a similar but even more alarming picture. According to their estimates, losses for the half-year amounted to $972 million — less than half of the $2.3 billion a year earlier. However, the number of incidents reached a record 207 cases. Meanwhile, 60% of attacks involved smart contract exploits, but the main damage (about 76%) was caused by infrastructure and operational compromises — theft of private keys, credentials, and attacks on transaction signing systems.

The activity of hacker groups linked to the DPRK deserves special attention. According to TRM Labs estimates, they are responsible for stealing approximately $643 million, or 66% of all stolen funds. CertiK experts directly state that North Korean hackers are behind the attacks on KelpDAO and Drift Protocol. This confirms that the crypto industry remains a priority target for state-sponsored cyber groups.

Conclusions and Recommendations

Despite the apparent decline in losses, the Web3 security market is going through tough times. Attacks are becoming more sophisticated and target the most vulnerable point — access control to funds. Recommendations for strengthening hardware infrastructure security, distributing signatories across different jurisdictions, and implementing additional controls for large transfers are not just theory but an urgent necessity.

My expert assessment: The data for the first half of 2026 clearly demonstrates that the industry is failing to cope with the growing complexity of threats. The reduction in total losses due to the single Bybit outlier should not be reassuring. The reality is that the number of attacks is hitting records, and attackers, especially from the DPRK, are becoming more effective. Without a fundamental overhaul of security approaches, particularly in key management and multi-signature, we risk seeing even larger losses in the future.