NEW YORK, July 08, 2026 (GLOBE NEWSWIRE) — Ce tiK ece tly eleased the Ce tiK Hack3D: H1 2026 Repo t, a data-d ive a alysis of Web3 secu ity i cide ts f om Ja ua y th ough Ju e 2026. Ac oss 344 i cide ts, the ecosystem lost $1.3 billio , with adjusted et losses of app oximately $1.2 billio afte f oze a d ecove ed fu ds. While total losses appea lowe tha H1 2025, that compa iso is almost e ti ely a fu ctio of the $1.45 billio Bybit hack that defi ed that pe iod. St ipped of that outlie , H1 2026 losses a e app oximately 28% highe o a compa able basis.
The most costly mo th of H1 2026 was Ap il, which eco ded app oximately $651 millio i losses ac oss 61 i cide ts, shaped almost e ti ely by two eve ts. The Kelp DAO RPC comp omise ($291 millio , Ap il 18) saw attacke s exploit a DVN failove mecha ism to co fi m fab icated t a sactio s a d withd aw 116,500 sETH. The D ift P otocol b each ($285 millio , Ap il 1), the la gest exploit eve eco ded o Sola a, was executed th ough a multi-stage admi ist ative key comp omise that e abled the attacke to d ai SOL, USDC, a d Bitcoi f om the p otocol’s liquidity pools. Togethe , these two i cide ts accou t fo ea ly 44% of all H1 losses.
Wallet comp omise was the most fi a cially dest uctive attack catego y, ge e ati g $445 millio ac oss 33 i cide ts at a ave age of ove $13 millio pe eve t. The co ce t atio of losses i a small umbe of high-impact eve ts eflects a delibe ate attacke focus o key ma ageme t i f ast uctu e athe tha sma t co t act code.
Phishi g was the seco d most costly vecto at $366 millio ac oss 63 i cide ts. Despite a 52.3% decli e i i cide t volume compa ed to H1 2025, losses fell by o ly 10.8%, as b oad-volume campaig s have give way to p ecisio social e gi ee i g attacks. Fou such i cide ts p oduced app oximately 85% of all phishi g losses, with a si gle Ja ua y eve t accou ti g fo ea ly $285 millio alo e.
Code vul e ability was the most p olific attack catego y with 204 i cide ts a d $152 millio i losses. A g owi g sha e of these ta geted co t acts is mo e tha o e yea old, with mo thly i cide ts i this coho t isi g f om 7 i Octobe 2025 to 18 i May 2026, suggesti g attacke s a e systematically evisiti g legacy codebases well beyo d the i itial deployme t wi dow.
The epo t i cludes a dedicated assessme t of DPRK-li ked th eat activity. State-spo so ed acto s, most otably the Laza us G oup, have co siste tly escalated ope atio s as each cale da yea p og esses, with H2 2026 ep ese ti g a pe iod of heighte ed co ce . The D ift P otocol b each bea s cha acte istics co siste t with p io Laza us G oup ope atio s, though fo mal att ibutio had ot bee co fi med at publicatio .
Full epo t: https://i dd.adobe.com/view/9f1c777d-8d9f-4b14-b417-e4a29ee5359a
Media co tactElisa Yiti g Xuyiti g.xu@ce tik.com





 