Articles
Crypto Market Analysis

Web3 hacks cost $482M in Q1 as phishing drives majority of losses: Hacken

User Image

Av Anonym

Skapad April 14, 2026|3 minuter lästid
Main Image

Hacken’s Q1 2026 report finds $482 million lost across 44 incidents, with phishing, legacy code bugs and key compromises driving losses as regulators tighten security demands.

Update (April 14, 2026, 11 am UTC): This article has been updated to adjust the total number of hacks and scams in the first quarter to $482 million and the total number of incidents to 44.

Web3 projects lost $482 million to hacks and scams in the first quarter of 2026, while multi-billion-dollar “mega hacks” gave way to a larger number of mid-sized incidents, according to blockchain security company Hacken.

According to Hacken’s Q1 2026 report, phishing and social engineering attacks dominated the period, accounting for $306 million in losses in a quarter that saw 44 incidents overall. A single $282 million hardware wallet scam in January was responsible for more than half of the quarter’s damage.

Smart contract exploits totaled $86.2 million, with access control failures, including compromised keys and cloud services, driving an additional $71.9 million in losses.

The losses place this quarter as the second-lowest first quarter since 2023, with the absence of a single mega hack on the scale of Bybit, which lost $1.46 billion in Q1 2025, the primary driver of the year-over-year decline.

Hacken’s incident mapping shows the largest failures increasingly occurring outside onchain code, in operational and infrastructure layers that traditional audits rarely touch. Yev Broshevan, chief executive and co-founder at Hacken, told Cointelegraph the most expensive failures “happen outside the code layer.”

Related: Aethir halts bridge exploit, promises compensation after $90K loss

According to Hacken, that shift is drawing greater scrutiny from regulators and institutional counterparties, with frameworks such as the Markets in Crypto-Assets Regulation (MiCA) and Digital Operational Resilience Act (DORA) in the European Union moving further into enforcement and raising expectations around continuous security monitoring and incident response.

Broshevan pointed to $306 million in phishing, a $40 million North Korea-linked fake venture capitalist (VC) call against Step Finance, and a $25 million AWS key management service compromise at Resolv Labs. Even where smart contracts were at fault, the costliest bugs often sat in legacy deployments and known vulnerability classes. Truebit lost $26.4 million to a bug in a Solidity contract deployed around five years ago, while Venus Protocol was hit by a donation attack pattern documented since 2022.

Six audited projects, including Resolv with 18 audits and Venus with five separate firms, still accounted for $37.7 million in losses. On average, that was more than their unaudited peers because higher total value locked (TVL) protocols attract more sophisticated attackers and exploits.

In Q1, MiCA and DORA in the EU shifted further into active enforcement, Dubai’s regulator, the Virtual Assets Regulatory Authority, tightened expectations around its Technology and Information Rulebook, Singapore enforced Basel-aligned capital and one-hour incident notification rules, and the United Arab Emirates’ new Capital Market Authority took over federal digital asset oversight with broader powers and higher penalties.

Related: Crypto hackers steal $169M from 34 DeFi protocols in Q1: DefiLlama

Hacken ties those regimes to a new benchmark for “regulator-ready” stacks that includes proof-of-reserves attestations backed by daily internal reconciliation, 24/7 onchain monitoring across treasury wallets and privileged roles, automated circuit-breakers on minting and governance functions and incident notification clocks calibrated to the strictest applicable standard. 

The report highlights “realistic” targets of awareness within 24 hours, labeling within four hours, and blocking in 30 seconds, with “aspirational” goals as low as 10 minutes for detection and 1 second to block, based on guidance from Global Ledger’s 2025 Laundering Race data.

At the human layer, Hacken flags North Korean clusters as the most consistent operational threat, with Step Finance’s $40 million loss and Bitrefill’s infrastructure breach extending a playbook of fake VC outreach, malicious video call tooling and compromised employee endpoints that extracted roughly $2.04 billion from the sector in 2025.

Magazine: XRP yet to ‘price in’ 3 bullish catalysts, Bitcoin to $80K? Trade Secrets

Source: CoinTelegraph


Andra artiklar publicerade nyligen

UK's bold new crypto rules promise to unlock global trading, but huge compliance hurdles still threaten the rollout
UK's bold new crypto rules promise to unlock global trading, but huge compliance hurdles still threaten the rollout

Trading Strategies

The U.K. FCA's crypto framework has been praised for prioritizing global liquidity and institutional...

EU moves to block retail investors from explosive boom of multibillion-dollar prediction markets
EU moves to block retail investors from explosive boom of multibillion-dollar prediction markets

Crypto Market Analysis

The region's regulators emphasized that a product's actual function as a derivative matters more tha...

Europe led on crypto regulation. Now implementation must match ambition
Europe led on crypto regulation. Now implementation must match ambition

Crypto Market Analysis

Source: CoinDesk...

Trump's crypto token buyers are down $3.8 billion, blockchain data shows
Trump's crypto token buyers are down $3.8 billion, blockchain data shows

Blockchain

The TRUMP token is down 96% from its peak, and 85% of secondary market wallets for WLFI are underwat...

Why bitcoin's disconnect from record-high stocks won't last
Why bitcoin's disconnect from record-high stocks won't last

Bitcoin

Researchers at Schwab and Hashdex said AI has diverted capital from digital assets while bitcoin con...

Bollinger Bands creator eyes Bitcoin bear-market end, 'W'-shaped reversal
Bollinger Bands creator eyes Bitcoin bear-market end, 'W'-shaped reversal

Bitcoin

Bitcoin price strength could "break" the entire downtrend if the reversal pattern completed, John Bo...