Crypto news

07.07.2026
07:13

The crypto industry lost $1.32 billion over six months: the real statistics are more alarming

хаккер возместит $3 млн hacker

The first half of 2026 brought the crypto industry losses of $1.32 billion from security incidents. At first glance, this is an impressive 46.8% decrease compared to the same period in 2025. However, as my analysis shows, behind these figures lies a troubling trend: attacks are becoming more targeted and destructive.

The key nuance is that the 2025 statistics were skewed by the $1.4 billion hack of the Bybit exchange. If we exclude this historical outlier, actual losses for the first half of 2026 are approximately 28% higher than a year earlier. This is not just a correction — it is a signal of a systemic escalation of threats.

Second Quarter: Explosive Growth in Damages

The dynamics of the second quarter are particularly alarming. Losses increased by 59% compared to the first quarter, reaching $807.5 million. Two attacks were the main contributors: those on the KelpDAO and Drift Protocol. They accounted for over 70% of all quarterly damages. This is not a coincidence — it is evidence that hackers have shifted from mass phishing campaigns to targeted strikes on infrastructure.

While phishing was the main source of losses in the first quarter, wallet compromise led in the second. Moreover, incidents like the Drift Protocol hack combined social engineering with the seizure of administrative procedures. This is no longer just key theft — these are complex, multi-stage operations.

Infrastructure Attacks: 15% of Incidents, 76% of Damages

Data from TRM Labs confirms my conclusions. Over the half-year, 207 separate incidents were recorded — a record high. The majority (125 attacks, or 60%) involved smart contract exploits. However, the real danger lies in infrastructure and operational compromises. They accounted for only 15% of total incidents but caused approximately 76% of all losses. This includes theft of private keys, hacking of transaction signing systems, and other access management infrastructure for funds.

Particular attention should be paid to the activity of North Korean groups. According to TRM Labs estimates, they are responsible for stealing approximately $643 million, or 66% of all stolen funds. CertiK directly states that the attacks on KelpDAO and Drift Protocol were carried out by North Korean hackers. This is not just cybercrime — it is state financing through cryptocurrencies.

Recommendations and Geopolitical Context

In response to the escalation of threats, analysts recommend strengthening the security of hardware infrastructure, signature management, and fund access procedures. Key measures include protecting private keys, distributing signatories across different jurisdictions, and additional oversight of large transfers. At the state level, the US, Japan, and South Korea are already discussing countermeasures against North Korean cyber activity, including cryptocurrency theft and money laundering.

My conclusion: the statistics for the first half of 2026 are not a reason for optimism, but a warning. The industry is facing a qualitatively new level of threats, where hackers act in a coordinated and targeted manner. Without systemic changes in security — from protocols to government regulation — we risk seeing even more destructive attacks in the second half of the year.