Real-time deepfakes, phishing attacks, supply chain compromises, and cross-chain vulnerabilities are set to drive significant crypto hacks in 2026, according to CertiK senior blockchain investigator Natalie Newson. The industry has already suffered over $600 million in losses attributed to hacks this year, with two major thefts linked to North Korean actors highlighting the growing sophistication of threats.

Among the notable incidents was the $293 million exploit of Kelp DAO, which was tied to a single point-of-trust failure within the LayerZero cross-chain messaging protocol. This incident not only demonstrates the vulnerabilities present in cross-chain technologies but also raises questions about the reliability of infrastructure that underpins decentralized applications. The Drift Protocol also fell victim to a staggering $280 million hack, showcasing that even established protocols are not immune to attacks. These incidents serve as a stark reminder that the crypto landscape is rife with potential threats.

Another incident involved hackers utilizing AI for social engineering, resulting in the theft of approximately $100,000 from Zerion's hot wallets. This incident underscores the intersection of AI and cybercrime, as attackers leverage advanced techniques to create convincing impersonations that can deceive even the most vigilant users. Newson warns that the acceleration of AI capabilities could exacerbate these threats, making it increasingly challenging for investors and users to discern genuine communications from malicious attempts.

As the average size of crypto hacks surged to $19.5 million in 2025, Newson emphasizes that investors must stay informed about current threats, particularly phishing. Phishing remains a prevalent method used by attackers to gain unauthorized access to sensitive information. Techniques to mitigate risks include verifying URLs and smart contracts and considering cold wallets for asset storage. Newson specifically advises that utilizing cold wallets can help keep assets that are not regularly used safe and allows users to sign transactions without ever exposing their private keys, a critical step in enhancing security.

AI's dual role in this landscape is noteworthy. While it aids hackers by creating more convincing deepfakes and autonomous attack agents, it can also serve as a defense mechanism. Recent reports indicate that AI has led to an increase in bug bounty submissions, showcasing its potential to identify vulnerabilities defensively. For instance, Anthropic's AI model Claude Mythos claims to find bugs in major operating systems, suggesting a new frontier in cybersecurity. Such advancements in AI could empower organizations to better protect their digital assets and infrastructure by proactively identifying and addressing potential vulnerabilities before they can be exploited.

Regulatory bodies are taking notice of these escalating threats. The US Department of the Treasury’s Office of Cybersecurity and Critical Infrastructure Protection recently announced an expansion of its cybersecurity threat identification program to include digital asset companies. This response is critical as supply-chain breaches have emerged as one of the most damaging threats, accounting for $1.45 billion in losses in 2025 alone. The proactive measures taken by regulators highlight the growing recognition of the need for enhanced cybersecurity protocols within the rapidly evolving crypto sector.

MORE FROM COINTIMES

House GOP Proposes Tax Cuts for Small Businesses Amid Funding Controversy

Rep. David Kustoff's new bill aims to raise small business tax deductions while navigating budget reconciliation for Homeland Security funding.

The Bybit hack in February 2025, which resulted in $1.4 billion in losses, exemplifies the growing activity from well-funded and organized threat actors within the ecosystem. CertiK predicts that as these actors become more adept at targeting infrastructure providers, the sophistication of supply chain attacks will only increase. The current landscape presents a stark reminder of the vulnerabilities inherent in the crypto space and the necessity for robust security measures. The Bybit exploit serves as a cautionary tale for the industry, emphasizing the importance of maintaining stringent security protocols and continuously assessing potential vulnerabilities within operational frameworks.

Investors and companies alike must remain vigilant in the face of these evolving threats. CertiK's insights signal a need for a proactive approach to cybersecurity, emphasizing the importance of education and awareness in safeguarding assets. The ramifications of these hacks extend beyond immediate financial losses; they threaten the integrity of the entire crypto ecosystem, making it imperative for all stakeholders to adapt and fortify their defenses against emerging cyber threats. A collective effort from the community, investors, and regulatory bodies will be essential in establishing a more secure environment for digital assets.

As the regulatory landscape evolves, the focus on cybersecurity in the crypto sector is likely to intensify. With the expansion of oversight measures, companies in the digital asset space will need to enhance their security protocols to comply with new regulations and mitigate risks. This regulatory pressure can serve as a catalyst for innovation in cybersecurity practices, prompting organizations to adopt more sophisticated technologies and strategies to combat threats.

Furthermore, the intersection of AI and cybersecurity offers both challenges and opportunities for the industry. On one hand, the advanced capabilities of AI can be exploited by malicious actors to execute more sophisticated attacks. On the other hand, the same technology can be harnessed by security professionals to develop cutting-edge defenses. As the arms race between attackers and defenders escalates, the adoption of AI-driven security solutions could become a critical component of a comprehensive cybersecurity strategy.

The crypto community must also prioritize educational initiatives to raise awareness about potential threats. By fostering a culture of security, investors can be better equipped to identify suspicious activities and protect their assets. Training and resources should be provided to help users understand how to recognize phishing attempts, the importance of using secure storage options, and the benefits of multi-factor authentication. The more informed the community is, the harder it will be for attackers to succeed in their malicious endeavors.

As we move further into 2026, it is clear that the crypto landscape will continue to evolve alongside technological advancements. The combination of real-time deepfakes, sophisticated phishing techniques, and supply chain vulnerabilities will undoubtedly shape the nature of crypto hacks. The industry's ability to respond to these challenges will determine not only the security of individual investors but also the overall health of the cryptocurrency ecosystem. Stakeholders must remain proactive, adaptable, and vigilant in the face of growing threats to ensure a secure and sustainable future for digital assets.