Crypto hackers stole over $168.6 million in cryptocurrency from 34 decentralized finance (DeFi) protocols within the first quarter of 2026, falling considerably from the identical interval final yr, in line with knowledge from DefiLlama.
The $40 million non-public key compromise of Step Finance in January was the biggest exploit of the quarter, the info reveals, adopted by a wise contract manipulation that drained $26.4 million in ether (ETH) from Truebit on Jan. 8. The third-largest was a non-public key compromise focusing on stablecoin issuer Resolv Labs on March 21.
The quarterly determine is low on condition that the business noticed $1.58 billion stolen within the first quarter of 2025, with the majority coming from the $1.4 billion Bybit exploit. Nevertheless, consultants warn that crypto hacks aren’t tied to particular durations inside a yr.
Hackers are extra lively when business is booming
Nick Percoco, the chief safety officer at crypto change Kraken, instructed Cointelegraph that cybercriminal exercise in crypto tends to rise round market and event-driven cycles slightly than fastened durations.
Risk actors are additionally drawn to areas the place liquidity is concentrated, which means assault spikes typically comply with wherever worth is accumulating quickest, in line with Percoco.
“Bull markets, main product launches and fast-moving development phases all create extra engaging circumstances for attackers as a result of extra worth is at stake and new infrastructure can introduce threat,” he mentioned.
“That mentioned, assaults will not be confined to simply these durations. Vulnerabilities could be exploited in any market atmosphere, notably in complicated or quickly evolving techniques, underlining that safety in crypto should be steady.”
Crypto attackers are a “broad and evolving combine”
North Korea-linked actors have been a persistent risk to crypto buyers and Web3-native corporations alike.
Hackers affiliated with the group have been suspected of quite a few assaults, together with the Wednesday assault on Drift Protocol, a decentralized cryptocurrency change that misplaced an estimated $285 million to a non-public key leak.
Associated: Hacked crypto tokens drop 61% on common and infrequently recuperate, Immunefi report says
Percoco mentioned the risk panorama is a mixture of actors with totally different ranges of sophistication, extremely coordinated teams focusing on core infrastructure, organized cybercriminal networks and opportunistic hackers scanning for weaknesses in good contracts and client-facing techniques.
“It’s a broad and evolving combine, however they’re in the end focusing on the identical factor: world, liquid and accessible worth. Concentrating on isn’t purely random. In lots of circumstances, attackers are deliberate in how they assess infrastructure, code, entry controls and even human habits,” he mentioned.
“On the identical time, crypto’s transparency makes it simpler for opportunistic actors to identify weaknesses as they emerge. Essentially the most engaging targets are typically these combining massive concentrations of worth, technical complexity and gaps in operational safety.”
Safety consultants beforehand instructed Cointelegraph that 2026 would doubtless see a rise in refined credential theft, social engineering, and AI-powered assaults.
Journal: All 21 million Bitcoin is in danger from quantum computer systems