CertiK: Crypto industry hackers lost more than 600 million, deepfakes and supply chain threats intensify

According to CoinTelegraph’s report on April 23, CertiK senior blockchain investigator Natalie Newson said that real-time deepfakes, cyber phishing attacks, supply-chain vulnerabilities, and cross-chain vulnerabilities are the main root causes of some of the largest-scale crypto hacking attacks in 2026. By 2026, the cryptocurrency industry has already lost more than $600 million due to hacking attacks.

CertiK Analysts Identify the Main Threat Types in 2026

According to Natalie Newson’s public statement, the main attack methods currently include:

Cyber Phishing: Newson advises users to verify the legitimacy of URLs and smart contracts as a basic protective measure

Real-time Deepfakes: Can be used to bypass KYC identity verification for crypto platforms and banks

Supply-Chain Vulnerabilities: Attackers target infrastructure providers and launch large-scale attacks by exploiting upstream vulnerabilities

Cross-Chain Infrastructure Vulnerabilities: Involves the failure of a single point of trust in cross-chain message transmission protocols

In her statement, Newson said, “Now that there are more realistic deepfake technologies, autonomous attack agents, and ‘smart AI,’ they can autonomously scan for vulnerabilities in smart contracts, write exploit code, and execute attacks at machine speed. At the same time, AI can also become one of the biggest defensive measures.”

Newson also recommends that retail investors store assets they do not frequently use in cold wallets to reduce the risk of private key leakage.

Two Major North Korea-Related Cyber Attack Incidents in April

According to public reporting, in April 2026 there were two major crypto attack incidents related to North Korea:

Kelp DAO Cross-Chain Vulnerability (April 18): The attackers exploited a failure of a single point of trust in the LayerZero cross-chain message transmission protocol infrastructure used by KelpDAO, resulting in losses of about $293 million. Details are in an official report jointly released by Aave and LlamaRisk on April 20.

Zerion Hot Wallet Attack (April 15): According to Zerion’s official disclosure on April 15, hackers linked to North Korea used long-term AI social engineering attacks to steal about $100k from Zerion’s hot wallet.

In addition, according to Cointelegraph’s report on April 6, a threat actor codenamed “Jinkusu” was identified as selling cybercrime tools and used deepfake and voice manipulation techniques to bypass KYC verification mechanisms for banks and crypto platforms.

TRM Labs and CertiK Historical Data for 2025

(Source: TRM Labs)

According to TRM Labs data, the average single-instance loss from crypto hacker attacks in 2025 reached $19.5 million. CertiK disclosed to Cointelegraph in December 2025 that hackers stole a total of $3.3 billion in crypto assets throughout 2025. Among them, supply-chain vulnerabilities were the most destructive threat type; just two incidents caused losses of $1.45 billion, including the $1.4 billion hacking attack against Bybit in February 2025.

The U.S. Treasury Department’s OCCIP Expands Digital Asset Cybersecurity Initiative

According to the U.S. Treasury Department’s official announcement on April 9, the Treasury Department’s Office of Cybersecurity and Critical Infrastructure Protection (OCCIP) said it is expanding the coverage of its cybersecurity threat identification program, formally bringing digital asset companies into it.

Frequently Asked Questions

What are the main types of crypto attacks identified by CertiK in 2026?

According to CertiK senior blockchain investigator Natalie Newson’s public statement, the most important attack methods in 2026 include real-time deepfakes, cyber phishing attacks, supply-chain vulnerabilities, and single point of trust vulnerabilities in cross-chain infrastructure.

How large are the hacking losses in the crypto industry as of 2026?

According to CertiK’s analysis, as of 2026 the cryptocurrency industry has lost more than $600 million due to hacking attacks, mainly from two North Korea-related incidents: the Kelp DAO attack on April 18 ($293 million) and the Zerion hot wallet attack on April 15 (about $100k).

What new measures did the U.S. Treasury Department’s OCCIP announce for digital assets on April 9?

According to the U.S. Treasury Department’s official announcement on April 9, OCCIP announced it is expanding the scope of its cybersecurity threat identification program, for the first time formally including digital asset companies within the federal cybersecurity protection framework.