CertiK Says H1 2026 Web3 Losses Topped $1.31B, Up 28% Excluding Bybit Baseline

Web3 security incidents cost the industry more than $1.31 billion across 344 events in the first half of 2026, according to CertiK's Hack3D H1 2026 Report, published Monday. Net losses stood near $1.2 billion after frozen and recovered funds, the blockchain security firm said.
Headline totals show a 46.8% year-over-year drop, but CertiK (in a post on its official X account) said that comparison is skewed by the $1.45 billion Bybit hack that inflated H1 2025's tally. Stripping out that outlier, H1 2026 losses were approximately 28% higher than the equivalent year-ago baseline.
Wallet Compromise Leads
Wallet compromise was the costliest attack vector, generating more than $444 million in losses across 33 incidents, CertiK found. The category was driven primarily by the Kelp DAO RPC compromise and the Drift Protocol breach, both of which occurred in April 2026.
Phishing Gets More Targeted
Phishing incident counts fell, but losses stayed elevated as attackers shifted from broad campaigns to fewer, higher-value social-engineering hits on wallets holding significant on-chain wealth. Four such incidents accounted for roughly 85% of all phishing losses in the period, per the report.
CertiK also devoted a section to North Korea-linked activity, saying state-sponsored actors, most notably the Lazarus Group, have escalated operations as prior calendar years progressed, and flagged the second half of 2026 as a period of heightened concern.
The Defiant has previously covered CertiK's monthly Hack3D tallies, including a $370 million January 2026 reading. Monday's report is the firm's first half-year rollup for 2026, aggregating those monthly figures alongside attack-vector and threat-actor analysis.
Advertisement
Get an edge in Crypto with our free daily newsletter
Know what matters in Crypto and Web3 with The Defiant Daily newsletter, Mon to Fri
90k+ Defiers informed every day. Unsubscribe anytime.


