Security Paradox: Number of Attacks on Crypto Projects Rises by 50%, While Losses Plunge by 60%
The first half of 2026 brought an unexpected surprise to the crypto industry. The number of security incidents surged by nearly 50% compared to the same period last year, yet the total financial damage in dollar terms decreased by almost 60%. This statistic points to a fundamental shift in attackers' tactics.
From January to June, my analytical team recorded 182 attack incidents totaling approximately $956 million. For comparison, a year earlier there were 121 incidents, but losses reached $2.373 billion. These figures highlight a disconnect between the frequency of attacks and their scale: minor incidents have become significantly more numerous, but the major financial losses were concentrated in just a few high-value targets.
A Narrow Circle of the Most High-Profile Thefts
The largest number of attacks — 85 — were related to vulnerabilities in smart contracts and protocol logic. Private key compromises ranked second with 17 episodes, while supply chain attacks took third place with 12 cases.
However, when looking at the distribution of losses, the picture changes. The main driver of losses was supply chain attacks, which caused $298 million in damage. The key factor here was a single large-scale incident — the hack of the Kelp DAO protocol, which cost the industry nearly $292 million. This was the largest theft of the half-year, and according to my colleagues' data, it is linked to the activities of the North Korean Lazarus group.
Contract vulnerabilities led to losses of $152 million, while key compromises accounted for another $130 million. Among ecosystems, Ethereum suffered the most: total damage in this network amounted to about $134 million.
Artificial Intelligence Changes the Rules of the Game
Special attention should be paid to the growing role of artificial intelligence in cyber threats. AI significantly simplifies phishing and automated attacks. Attackers actively use solutions like ChatGPT and Cursor at all stages: from generating malicious code to crafting convincing messages for social engineering.
A telling case occurred in May 2026. A hacker first conducted an NFT airdrop that granted access to transfers with extended rights, then sent a message in Morse code to the Grok chatbot. The bot interpreted it as a hidden command to transfer funds. The BankrBot trading agent, involved in this chain, considered the transaction safe and transferred about $175,000 to on-chain addresses. This is a classic attack on the trust chain of an AI agent: a malicious command passes through links that trust each other.
My expert conclusion: Security teams now face two fundamental problems. The number of attacks is not decreasing, and AI is changing the very mechanics of how they are carried out. The industry urgently needs to adapt its defense methods to the new reality, where attackers use technology faster than we can react to it.