Coinpaper
January 6, 2026 10:00 AM UTC

Crypto Hack Losses Drop 90% in May After Brutal April

The largest incidents involved Verus Protocol and THORChain, which lost $11.5 million and $10.1 million, respectively. Code vulnerabilities accounted for roughly two-thirds of all losses, while compromised wallets and private keys were the second-largest cause. Cross-chain bridges were the most targeted sector, responsible for 42% of total losses. Crypto Exploit Losses Drop Losses from crypto-related exploits and security breaches dropped quite a bit in May 2026. According to blockchain security firm CertiK , total losses from crypto platform exploits reached approximately $68.3 million during the month, which was an almost 90% drop compared to the $650 million that was lost in April. The sharp decrease makes May the third month of 2026 in which crypto-related losses stayed below the $100 million mark. CertiK also reported that around $9.4 million of the stolen funds were eventually recovered or returned, which helped reduce the overall financial impact of the incidents. Meanwhile, phishing attacks accounted for approximately $2.6 million of the losses recorded during the month. The decline comes after one of the worst periods for the industry in recent years. Excluding the record-breaking $1.5 billion Bybit hack in February of 2025, April 2026 recorded the highest monthly losses since March 2022. One of the largest incidents contributing to April’s losses was a $291 million exploit involving Kelp DAO. Despite the improved figures in May, several major attacks still occurred. The largest exploit of the month targeted Verus Protocol’s cross-chain bridge, resulting in losses of approximately $11.5 million. THORChain experienced the second-largest incident after attackers stole roughly $10.1 million from the protocol during a mid-May exploit. Analysis of the attacks showed that code vulnerabilities were the most costly security weakness. Exploits stemming from flaws in smart contract code and protocol implementations accounted for approximately $45 million, representing around 66% of all losses during the month. Wallet and private key compromises ranked as the second-largest category, and contributed approximately $13.7 million in stolen assets. Cross-chain bridges were one of the most attractive targets for cybercriminals. These platforms accounted for approximately $28.6 million in losses, or about 42% of the total value stolen during May. Decentralized finance protocols were the second-most targeted category. Total monthly hack losses (Source: DeFiLlama) Data from DeFiLlama recorded 29 separate security incidents throughout May, with seven involving compromised private keys. Two of the most recent attacks occurred on May 30, when the Alephium Bridge and Gravity Bridge suffered exploits resulting in losses of approximately $815,000 and $5.4 million, respectively. Both incidents were linked to compromised private keys. Security researchers also noticed a growing threat from malware developed with assistance from artificial intelligence tools. During May, malicious actors targeted cryptocurrency developers and AI engineers by compromising software repositories and manipulating AI-powered coding assistants.