Articles
Crypto Market Analysis

Phishing, deepfakes, supply chain attacks to fuel 2026's biggest crypto hacks: CertiK

User Image

通过 匿名

创建 April 23, 2026|阅读需要 2 分钟
Main Image

CertiK has urged crypto users not to overlook basic security practices as major crypto hacks spiked in April.

Real-time deepfakes, phishing attacks, supply chain compromises and cross-chain vulnerabilities will likely be the root of some of the biggest hacks in 2026, according to CertiK senior blockchain investigator Natalie Newson.

The industry has already lost over $600 million to hacks in 2026, due largely to two North Korea-linked crypto thefts in April, including the $293 million Kelp DAO exploit on Saturday involving a single point-of-trust failure in cross-chain messaging protocol LayerZero’s infrastructure, and the $280 million exploit of the Drift Protocol.

Another DPRK-linked attack involved the use of AI for social engineering. Crypto wallet Zerion revealed on April 15 that North Korean-affiliated hackers used AI in a long-term social engineering attack to steal about $100,000 from the company’s hot wallets.

Newson warned that, in “some aspects,” the acceleration of AI will only worsen crypto attacks.

 “The best way for investors to protect themselves is to be aware of the current threats they may face... For instance, to protect yourself against phishing, always verify the authenticity of URLs and smart contracts,” Newson said.

Newson said that as exploits become more sophisticated, retail investors should explore storage options outside of crypto exchanges. 

“Using cold wallets can help keep assets that you don’t use regularly safe and allows you to sign transactions without ever exposing your private keys,” she said. 

“There are now more convincing deepfakes, autonomous attack agents, and ‘agentic AI’ that can autonomously scan smart contracts for bugs, draft exploit code and execute attacks at machine speed," she said.

On April 6, Cointelegraph reported that a threat actor known as “Jinkusu” was allegedly selling cybercrime tools designed to bypass Know Your Customer (KYC) checks at banks and crypto platforms, using deepfakes and voice manipulation.

“At the same time, AI can also be one of the biggest defenses,” said Newson. 

Cointelegraph recently reported that an increase in AI use has led to a flood of bug bounty submissions, both valid and invalid. Anthropic’s AI model Claude Mythos, claimed to have the ability to find vulnerabilities in major operating systems, has been deployed defensively with a release to a limited set of tech firms.

CertiK shared with Cointelegraph in December 2025 that crypto hackers stole $3.3 billion in 2025. 

The company said supply-chain breaches emerged as the most damaging threat, accounting for $1.45 billion in losses across just two incidents, including the $1.4 billion Bybit hack in February 2025.

Related: Telegram CEO Durov warns EU age-verification app could enable wider tracking

"The Bybit exploit signals that well-capitalized, well-coordinated threat actors are becoming more active across the ecosystem," the report said, predicting a rise in the “sophistication” of supply chain attacks as attackers target more infrastructure providers.

Regulators are responding. On April 9, the US Department of the Treasury’s Office of Cybersecurity and Critical Infrastructure Protection (OCCIP) announced on Thursday that it is expanding its cybersecurity threat identification program to include digital asset companies.

Magazine: Adam Back says current demand is ‘almost’ enough to send Bitcoin to $1M

Source: CoinTelegraph


最近发布的其他文章

Bitcoin holds near $63,800 as war-driven selloff hits everything but crypto
Bitcoin holds near $63,800 as war-driven selloff hits everything but crypto

Bitcoin

Gold, oil, stocks and bonds all moved sharply on the fourth round of U.S. strikes on Iran, but bitco...

Bitcoin ETFs draw $197M, snap 8-week outflow streak
Bitcoin ETFs draw $197M, snap 8-week outflow streak

Bitcoin

Analysts are not yet ready to call it a recovery in institutional demand for Bitcoin.Source: CoinTel...

Bank of Thailand targets USDT and cash flows in gray money crackdown
Bank of Thailand targets USDT and cash flows in gray money crackdown

Crypto Market Analysis

Thailand has been plagued by Chinese-affiliated scam centers, with illicit gains flowing through a �...

AI microbusinesses could drive $262B in stablecoin volume by 2033: Swyftx
AI microbusinesses could drive $262B in stablecoin volume by 2033: Swyftx

Crypto Market Analysis

The AI-native cohort of the expanding gig economy could increasingly use stablecoins to avoid slow a...

Signs of life?: State of Crypto
Signs of life?: State of Crypto

Crypto Market Analysis

Several sources told CoinDesk that a new draft of the Clarity Act may drop this week, but challenges...

Strategy's Saylor needs clarity in BTC pivot message to convince investors: StanChart
Strategy's Saylor needs clarity in BTC pivot message to convince investors: StanChart

Bitcoin

Standard Chartered sees communication challenges facing the biggest digital asset treasury company a...