Crypto Hacks and Scams H1 2026: Where Did the Losses Come From?Every six months, blockchain security firm CertiK puts out a report that tells us exactly how badCrypto Hacks and Scams H1 2026: Where Did the Losses Come From?Every six months, blockchain security firm CertiK puts out a report that tells us exactly how bad

Crypto Hacks and Scams H1 2026: The Real Story Behind $1.3B Losses

2026/07/07 15:30
6 min read
For feedback or concerns regarding this content, please contact us at [email protected]

Crypto Hacks and Scams H1 2026: Where Did the Losses Come From?

Every six months, blockchain security firm CertiK puts out a report that tells us exactly how bad things have gotten in Web3. The first half of 2026 is no different, except this time the headline number is a little misleading, and the real trend underneath it is worse than it looks at first glance.

The Headline Number: $1.316 Billion Lost

CertiK's newly released 2026 Web3 First Half Security Report shows that Web3 security incidents in the first six months of the year resulted in total losses of $1.316 billion across 344 separate incidents. On its own, that number already tells you something important: crypto hacks and scams are not slowing down, they are simply spreading across more platforms and more chains.

At first glance, this looks like an improvement. Compare it to the first half of 2025, and the losses appear to have dropped significantly. But that comparison hides an outlier that skews the whole picture.

Why the "Decline" Is Misleading

The apparent drop compared to last year is almost entirely due to one massive event: the $1.45 billion Bybit theft in the first half of 2025. That single incident was so large that it inflated the entire 2025 first-half total on its own, making this year's numbers look better by comparison.

Once you strip out the Bybit theft and look at losses on a comparable basis, a very different trend appears. Losses in the first half of 2026 actually increased by approximately 28% compared to the same period last year. In other words, once you remove one extreme outlier, the underlying trend in crypto hacks and scams is climbing, not falling. Attackers are not backing off. If anything, they are getting better at finding value across a wider range of targets.

Where the Losses Actually Came From

CertiK's report breaks down exactly which attack types and chains took the biggest hits during the first half of the year.

Wallet compromises were the single most damaging attack type. These incidents alone accounted for 33 events and roughly $445 million in losses. That is a huge concentration of damage from a relatively small number of incidents, which tells you these attacks are targeting high-value wallets rather than spreading thin across small accounts. Wallet security, whether it is key management, phishing resistance, or multisig setups, remains one of the weakest links in the entire ecosystem.

Ethereum saw the highest number of individual incidents. With 153 separate security events, Ethereum experienced nearly half of all reported incidents during the period, resulting in approximately $523 million in losses. Given how much value and how many protocols still run on Ethereum, this is not entirely surprising, but the sheer volume of incidents shows just how large and constant the attack surface really is.

Solana had fewer incidents but a heavy price tag. Losses on Solana reached approximately $315 million, driven largely by high-profile attacks like the Drift Protocol exploit. Fewer incidents but a large dollar figure usually points to a handful of high-value, well-planned attacks rather than opportunistic, low-effort ones.

Put together, these figures paint a clear picture: crypto hacks and scams in the first half of 2026 were not random noise. They followed patterns, wallet compromises for concentrated damage, Ethereum for sheer frequency, and Solana for large single-event losses.

This Fits a Pattern We Already Flagged in June

This isn't an isolated data point. In our earlier coverage of crypto hacks in June 2026, we tracked 40 major incidents in that month alone, totaling $75.87 million in losses. The largest single hit came from the Humanity Protocol attack at $31 million, followed by the Syscoin Bridge exploit at $10 million and a $7.5 million loss on the JaredFromSubway.eth MEV bot. Bridges, automated bots, and cross-chain infrastructure kept showing up as recurring weak points.

CertiK's half-year numbers essentially confirm what that monthly snapshot already suggested: the damage is not coming from one type of platform or one kind of mistake. It's spread across wallets, chains, bridges, and bots, which makes it much harder for any single fix to solve the problem.

What This Means If You Hold or Trade Crypto

None of this means crypto itself is broken, but it does mean the risks are real and specific. A few practical takeaways from this data:

  • Wallet security deserves more attention than most people give it. With $445 million lost to wallet compromises alone, basic hygiene, like using hardware wallets, avoiding suspicious approval requests, and never sharing seed phrases, matters more than ever.

  • Chain popularity does not equal safety. Ethereum's high incident count is a function of its size and adoption, not necessarily weaker security. Don't assume a newer or smaller chain is automatically safer just because it has fewer headlines.

  • Stick to audited, established protocols where possible. Incidents like the Drift Protocol exploit on Solana show that even well-known platforms can be targeted, but newer or unaudited projects tend to carry disproportionately higher risk.

  • Keep an eye on security research. Reports from firms like CertiK, and ongoing tracking from accounts like @wublockchain12, are some of the best ways to stay ahead of emerging attack patterns rather than reacting after the fact.

Conclusion

CertiK's H1 2026 Web3 Security Report makes one thing clear: the surface-level numbers can be deceiving. A $1.316 billion loss across 344 incidents looks like progress compared to 2025, but once you exclude the outsized Bybit theft, the real trend shows a 28% increase in comparable losses. Wallet compromises, Ethereum-based attacks, and Solana exploits like Drift Protocol were the biggest contributors. Crypto hacks and scams remain one of the most persistent risks in the space, and the smartest move for anyone holding digital assets is to stay cautious, stay informed, and treat security as an ongoing responsibility rather than a one-time setup.

Disclaimer

This article is for informational purposes only and does not constitute financial or investment advice. The figures mentioned are based on CertiK's publicly reported data and may be subject to revision. Always verify information through official sources before making any financial decisions.

Market Opportunity
SIX Logo
SIX Price(SIX)
$0.00527
$0.00527$0.00527
-0.18%
USD
SIX (SIX) Live Price Chart

World Cup Combo: Aim for 200x

World Cup Combo: Aim for 200xWorld Cup Combo: Aim for 200x

Combine up to 20 World Cup matches in one order

Disclaimer: The articles reposted on this site are sourced from public platforms and are provided for informational purposes only. They do not necessarily reflect the views of MEXC. All rights remain with the original authors. If you believe any content infringes on third-party rights, please contact [email protected] for removal. MEXC makes no guarantees regarding the accuracy, completeness, or timeliness of the content and is not responsible for any actions taken based on the information provided. The content does not constitute financial, legal, or other professional advice, nor should it be considered a recommendation or endorsement by MEXC.

$5M in SPCX Positions for Free

$5M in SPCX Positions for Free$5M in SPCX Positions for Free

0 fees, 100x leverage, daily prizes, 7K+ stocks/ETFs