Articles
Crypto Market Analysis

Web3 hacks cost $482M in Q1 as phishing drives majority of losses: Hacken

User Image

Anonim tarafından

Oluşturuldu April 14, 2026|3 dakika okuma
Main Image

Hacken’s Q1 2026 report finds $482 million lost across 44 incidents, with phishing, legacy code bugs and key compromises driving losses as regulators tighten security demands.

Update (April 14, 2026, 11 am UTC): This article has been updated to adjust the total number of hacks and scams in the first quarter to $482 million and the total number of incidents to 44.

Web3 projects lost $482 million to hacks and scams in the first quarter of 2026, while multi-billion-dollar “mega hacks” gave way to a larger number of mid-sized incidents, according to blockchain security company Hacken.

According to Hacken’s Q1 2026 report, phishing and social engineering attacks dominated the period, accounting for $306 million in losses in a quarter that saw 44 incidents overall. A single $282 million hardware wallet scam in January was responsible for more than half of the quarter’s damage.

Smart contract exploits totaled $86.2 million, with access control failures, including compromised keys and cloud services, driving an additional $71.9 million in losses.

The losses place this quarter as the second-lowest first quarter since 2023, with the absence of a single mega hack on the scale of Bybit, which lost $1.46 billion in Q1 2025, the primary driver of the year-over-year decline.

Hacken’s incident mapping shows the largest failures increasingly occurring outside onchain code, in operational and infrastructure layers that traditional audits rarely touch. Yev Broshevan, chief executive and co-founder at Hacken, told Cointelegraph the most expensive failures “happen outside the code layer.”

Related: Aethir halts bridge exploit, promises compensation after $90K loss

According to Hacken, that shift is drawing greater scrutiny from regulators and institutional counterparties, with frameworks such as the Markets in Crypto-Assets Regulation (MiCA) and Digital Operational Resilience Act (DORA) in the European Union moving further into enforcement and raising expectations around continuous security monitoring and incident response.

Broshevan pointed to $306 million in phishing, a $40 million North Korea-linked fake venture capitalist (VC) call against Step Finance, and a $25 million AWS key management service compromise at Resolv Labs. Even where smart contracts were at fault, the costliest bugs often sat in legacy deployments and known vulnerability classes. Truebit lost $26.4 million to a bug in a Solidity contract deployed around five years ago, while Venus Protocol was hit by a donation attack pattern documented since 2022.

Six audited projects, including Resolv with 18 audits and Venus with five separate firms, still accounted for $37.7 million in losses. On average, that was more than their unaudited peers because higher total value locked (TVL) protocols attract more sophisticated attackers and exploits.

In Q1, MiCA and DORA in the EU shifted further into active enforcement, Dubai’s regulator, the Virtual Assets Regulatory Authority, tightened expectations around its Technology and Information Rulebook, Singapore enforced Basel-aligned capital and one-hour incident notification rules, and the United Arab Emirates’ new Capital Market Authority took over federal digital asset oversight with broader powers and higher penalties.

Related: Crypto hackers steal $169M from 34 DeFi protocols in Q1: DefiLlama

Hacken ties those regimes to a new benchmark for “regulator-ready” stacks that includes proof-of-reserves attestations backed by daily internal reconciliation, 24/7 onchain monitoring across treasury wallets and privileged roles, automated circuit-breakers on minting and governance functions and incident notification clocks calibrated to the strictest applicable standard. 

The report highlights “realistic” targets of awareness within 24 hours, labeling within four hours, and blocking in 30 seconds, with “aspirational” goals as low as 10 minutes for detection and 1 second to block, based on guidance from Global Ledger’s 2025 Laundering Race data.

At the human layer, Hacken flags North Korean clusters as the most consistent operational threat, with Step Finance’s $40 million loss and Bitrefill’s infrastructure breach extending a playbook of fake VC outreach, malicious video call tooling and compromised employee endpoints that extracted roughly $2.04 billion from the sector in 2025.

Magazine: XRP yet to ‘price in’ 3 bullish catalysts, Bitcoin to $80K? Trade Secrets

Source: CoinTelegraph


Son zamanlarda yayınlanan diğer makaleler

How ethical hackers with just a $3,000 server found a flaw that could've put $70 billion in crypto at risk
How ethical hackers with just a $3,000 server found a flaw that could've put $70 billion in crypto at risk

Blockchain

A critical flaw in the Aptos blockchain, which was patched, gave researchers a near-90% success rate...

Bitcoin experts split over plan to freeze Satoshi's 1.1 million bitcoin as quantum threat grows
Bitcoin experts split over plan to freeze Satoshi's 1.1 million bitcoin as quantum threat grows

Bitcoin

Binance founder Changpeng Zhao said Satoshi Nakamoto's bitcoin should be frozen before quantum compu...

Bitcoin jumps above $63,000, reversing end-June losses
Bitcoin jumps above $63,000, reversing end-June losses

Bitcoin

The token hit its highest in over a month during thin July 4 trading, with XRP up 5% in 24 hours to ...

Tokenization's next use case is personalized portfolios, NYLIM executive says
Tokenization's next use case is personalized portfolios, NYLIM executive says

Blockchain

Thomas Sy, head of multi-asset solutions at the $800-million asset manager, says blockchain can enab...

Kraken lets traders use tokenized stocks as collateral for leveraged trades
Kraken lets traders use tokenized stocks as collateral for leveraged trades

Trading Strategies

Eligible users can now use select tokenized stocks and ETFs as collateral for futures and margin tra...

UK's bold new crypto rules promise to unlock global trading, but huge compliance hurdles still threaten the rollout
UK's bold new crypto rules promise to unlock global trading, but huge compliance hurdles still threaten the rollout

Trading Strategies

The U.K. FCA's crypto framework has been praised for prioritizing global liquidity and institutional...