AGP Picks
View all

CertiK Hack3D: H1 2026 Report Reveals Over $1.31 Billion Lost to Web3 Security Incidents in the First Half of 2026

NEW YORK, July 08, 2026 (GLOBE NEWSWIRE) -- CertiK recently released the CertiK Hack3D: H1 2026 Report, a data-driven analysis of Web3 security incidents from January through June 2026. Across 344 incidents, the ecosystem lost $1.3 billion, with adjusted net losses of approximately $1.2 billion after frozen and recovered funds. While total losses appear lower than H1 2025, that comparison is almost entirely a function of the $1.45 billion Bybit hack that defined that period. Stripped of that outlier, H1 2026 losses are approximately 28% higher on a comparable basis.

April Defined the Half

The most costly month of H1 2026 was April, which recorded approximately $651 million in losses across 61 incidents, shaped almost entirely by two events. The Kelp DAO RPC compromise ($291 million, April 18) saw attackers exploit a DVN failover mechanism to confirm fabricated transactions and withdraw 116,500 rsETH. The Drift Protocol breach ($285 million, April 1), the largest exploit ever recorded on Solana, was executed through a multi-stage administrative key compromise that enabled the attacker to drain SOL, USDC, and Bitcoin from the protocol's liquidity pools. Together, these two incidents account for nearly 44% of all H1 losses.

Wallet Compromise and Phishing Lead by Losses

Wallet compromise was the most financially destructive attack category, generating $445 million across 33 incidents at an average of over $13 million per event. The concentration of losses in a small number of high-impact events reflects a deliberate attacker focus on key management infrastructure rather than smart contract code.

Phishing was the second most costly vector at $366 million across 63 incidents. Despite a 52.3% decline in incident volume compared to H1 2025, losses fell by only 10.8%, as broad-volume campaigns have given way to precision social engineering attacks. Four such incidents produced approximately 85% of all phishing losses, with a single January event accounting for nearly $285 million alone.

Code Vulnerability Leads by Volume

Code vulnerability was the most prolific attack category with 204 incidents and $152 million in losses. A growing share of these targeted contracts is more than one year old, with monthly incidents in this cohort rising from 7 in October 2025 to 18 in May 2026, suggesting attackers are systematically revisiting legacy codebases well beyond the initial deployment window.

DPRK Remains a Structural Threat

The report includes a dedicated assessment of DPRK-linked threat activity. State-sponsored actors, most notably the Lazarus Group, have consistently escalated operations as each calendar year progresses, with H2 2026 representing a period of heightened concern. The Drift Protocol breach bears characteristics consistent with prior Lazarus Group operations, though formal attribution had not been confirmed at publication.

Full report: https://indd.adobe.com/view/9f1c777d-8d9f-4b14-b417-e4a29ee5359a

Media contact
Elisa Yiting Xu
yiting.xu@certik.com


Primary Logo

Legal Disclaimer:

EIN Presswire provides this news content "as is" without warranty of any kind. We do not accept any responsibility or liability for the accuracy, content, images, videos, licenses, completeness, legality, or reliability of the information contained in this article. If you have any complaints or copyright issues related to this article, kindly contact the author above.

Share this page:

Advanced Search Options

Search for:

Search scope:

Type:

Search in:

Date range:

The last

Sort by:

Sign up for:

STEM Minnesota

The daily local news briefing you can trust. Every day. Subscribe now.

By signing up, you agree to our Terms & Conditions.