Crypto hacks hit record high in H1 2026 – What’s fueling the surge?

ambcryptoPublished on 2026-07-02Last updated on 2026-07-02

Abstract

According to TRM Labs, crypto hacks reached a record high in the first half of 2026 with 207 incidents, more than double the 85 reported in H1 2025. While the number of breaches surged, the total value stolen fell to $972 million, less than half the $2.3 billion lost in the same period the previous year. Smart contract exploits were the most common attack type, constituting 125 cases. However, TRM Labs' Ari Redbord noted that three-quarters of the stolen value came from infrastructure failures like compromised keys and custody systems, highlighting a gap between improved code auditing and lagging operational security. Notably, North Korean-linked actors were responsible for 66% of the stolen funds. Major exploits, such as the $293 million attack on KelpDAO, triggered liquidity crises in protocols like Aave and contributed to a broader loss of confidence in DeFi, leading to significant capital outflows and a drop in Total Value Locked to a two-year low of $70 billion.

TRM Labs, a blockchain security firm, reported 207 crypto hacks in the first half of 2026, the most in any six-month period. The bulk of the crypto hack cases happened in Q2 (126 incidents), led by KelpDAO, Humanity, and Rhea Lend exploits.

Source: TRM Labs

In the first half of 2025, 85 crypto hacks were reported. In other words, H1 2026 saw more than double the number of crypto hack cases over the same period. According to the report, most of the attacks were smart contract exploits, which accounted for 125 of the 207 incidents: a 60% dominance share in breaches.

Commenting on the same, Ari Redbord, global head of policy at TRM Labs, told AMBCrypto,

What I find most concerning is how concentrated these losses are in infrastructure failures. Three-quarters of all stolen value came from compromises of keys, custody systems, and signing infrastructure, not from smart contract bugs.

He concluded that,

The industry has improved at auditing code, but our operational security has not kept pace with our on-chain complexity.

Source: TRM Labs

North Korea-linked actors drive 66% of crypto hacks

Despite the record number of breaches, the overall value stolen in 2026 was relatively small compared to 2025.

The report noted that $972 million was lost as of June, which was below half of about $2.3 billion lost over the same period in 2025. Still, 66% of the stolen funds were driven by North Korean-linked entities.

By the end of Q2 2026, North Korea-linked attackers’ share of stolen crypto funds was over 75%. However, intensified activity from other entities during the quarter reduced their dominance to 66% at press time. The impact of the hacks has been more devastating for the DeFi sector. Amid the broader bearish sentiment, the intensified crypto hacks further drove investors from the DeFi sector.

In fact, in the KelpDAO’s $293 million hack, the attacker used fake tokens and deposited them in the Aave lending protocol and borrowed $190M in legitimate assets (wETH). There was a sudden liquidity crunch and subsequent bank run in Aave as investors feared the worthless collateral deposited by the attacker. As a result, Aave pools reached full utilization, preventing some late depositors from withdrawing their funds.

This added to broader DeFi security risk, which has triggered $55 billion in capital outflows in H1 2026. At the time of writing, the total DeFi TVL (total locked value) has hit a two-year low of $70 billion, up from $120B seen earlier in 2026.

Source: DeFiLlama

Final Summary

  • Crypto hack cases hit a record high of 207 in H1 2026, but the stolen value was below $1B
  • North Korea-based threat actors accounted for $643M, or 66% of stolen funds over the same period.

Related Questions

QAccording to the report, what was the total number of crypto hacks reported in H1 2026 and how does it compare to the same period in 2025?

AThere were 207 crypto hacks reported in the first half of 2026, which is more than double the 85 hacks reported in H1 2025.

QWhat percentage of the crypto hacks in H1 2026 were due to smart contract exploits, and what was identified as the main source of the majority of stolen value?

ASmart contract exploits accounted for 125 out of 207 incidents, or 60% of the hacks. However, the main source of stolen value (75%) was compromises of keys, custody systems, and signing infrastructure, not smart contract bugs.

QWhat percentage of the total stolen funds in H1 2026 were attributed to North Korea-linked entities?

ANorth Korea-linked entities were responsible for 66% of the total stolen funds in H1 2026.

QHow did the overall value stolen from crypto hacks in H1 2026 compare to the value stolen in H1 2025?

AThe total value stolen in H1 2026 was $972 million, which is less than half of the approximately $2.3 billion stolen in H1 2025.

QWhat was one significant consequence of the KelpDAO hack, as described in the article?

AIn the KelpDAO hack, the attacker used fake tokens as collateral on Aave to borrow legitimate assets, causing a liquidity crunch and a bank run on Aave. This led to some Aave pools reaching full utilization, preventing some depositors from withdrawing their funds.

Related Reads

But Bin's Latest Speech: Do Not Miss Out on a Great Era

Dan Bin's Latest Speech: Don't Miss a Great Era On June 29th, Dan Bin, Chairman of Dongfang Harbor (东方港湾), delivered a keynote speech titled "Don't Miss a Great Era" at the "2026—All in the Silicon-based New Epoch" Mid-Year Strategy Summit. Addressing concerns about an AI bubble, Dan Bin argued from an industrial cycle perspective that "the risk of missing an era may be greater than worrying about short-term bubbles." He views humanity as standing at the dawn of the AI era, which could be more disruptive than the electronics, internet, and mobile internet eras. He posits that the AI wave is unlikely to end in just three or four years. Using the internet era's decade-long rhythm as a reference point—with ChatGPT's late 2022 launch as the starting line—a key risk assessment window may only arrive around 2033. Dan Bin emphasized that technological progress is the primary driver of long-term capital market growth, while factors like trade wars or interest rate hikes are secondary. Expanding to a civilizational scale, Dan Bin presented a thought experiment on silicon-based life potentially supplementing or succeeding carbon-based life as a direction for extending Earth's civilization, especially over cosmic timescales spanning billions of years. On geopolitics, he noted that AI is already rewriting warfare rules, as seen in conflicts like Ukraine, and that neither the U.S. nor China can afford to lose the AI race, with each leveraging different strengths. Reflecting on investment lessons, Dan Bin cited Warren Buffett's and Charlie Munger's admitted "regrets" about missing major tech opportunities like Microsoft, underscoring the need for continuous cognitive evolution. His firm, Dongfang Harbor, is deepening its research in foundational AI areas like computing power and storage. Dan Bin concluded by urging investors to maintain a long-term perspective, embrace the epochal shift, and rationally hold onto the opportunities presented by this transformative age. He closed with a poetic reminder: "The tide never turns back... Born in this time is a great fortune in itself. Don't let hesitation trap your steps, nor short-sightedness waste the years—do not miss this magnificent era that belongs to us."

marsbit1h ago

But Bin's Latest Speech: Do Not Miss Out on a Great Era

marsbit1h ago

Latest Speech by Dan Bin: Do Not Miss Out on a Great Era

Dan Bin, Chairman of Dongfang Harbor, delivered a keynote speech titled "Don't Miss a Great Era" at the Glonghui "2026—All in Silicon-Based New纪元" Mid-Year Strategy Summit on June 29th. Addressing concerns about an AI bubble, he argued from an industrial cycle perspective that the risk of missing an entire epoch far outweighs the risk of short-term泡沫. He positioned humanity at the dawn of the AI era, which he views as potentially more disruptive than the electronic, internet, and mobile internet eras. Dan Bin suggested the AI wave is unlikely to end in just three to four years. Drawing a parallel to the internet era's decade-long cycle starting from the 1994 Netscape IPO, he indicated that with ChatGPT's late-2022 launch as a marker, a key risk assessment point might not arrive until around 2033. He emphasized that technological progress is the primary driver of long-term capital market growth, with factors like trade wars and interest rates being secondary. Expanding his perspective to a civilizational scale, Dan Bin presented a thought experiment on silicon-based life potentially replacing carbon-based life as a direction for延续 Earth's civilization, especially given cosmic timescales and interstellar travel challenges. He noted AI's必然 weaponization, citing examples from the Russia-Ukraine war, and stated that neither the U.S. nor China can afford to lose the AI race, with each having distinct competitive advantages. Reflecting on investment lessons, he mentioned Warren Buffett's recent moves into tech like Google and查理·芒格's expressed regret about missing Microsoft's massive growth, underscoring the need for continuous认知迭代. Dan Bin concluded by urging investors to maintain a long-term perspective, focus on core technological trends, and rationally embrace the opportunities of this transformative era, so as not to辜负 this "great时代" defined by波澜壮阔 change.

链捕手1h ago

Latest Speech by Dan Bin: Do Not Miss Out on a Great Era

链捕手1h ago

Trading

Spot
活动图片