Phishing, deepfakes, supply chain attacks to fuel 2026’s biggest crypto hacks: CertiK
CertiK has urged crypto users not to overlook basic security practices as major crypto hacks spiked in April.
Real-time deepfakes, phishing attacks, supply chain compromises and cross-chain vulnerabilities will likely be the root of some of the biggest hacks in 2026, according to CertiK senior blockchain investigator Natalie Newson.
The industry has already lost over $600 million to hacks in 2026, owed largely to two North Korea-linked crypto thefts in April, including the $293 million Kelp DAO exploit on Saturday involving a single point-of-trust failure in cross-chain messaging protocol LayerZero’s infrastructure, and the $280 million exploit of the Drift Protocol.
Another DPRK-linked attack involved the use of AI for social engineering. Crypto wallet Zerion revealed on April 15 that North Korean-affiliated hackers used AI in a long-term social engineering attack to steal about $100,000 from the company’s hot wallets.