Gate News update: According to DefiLlama data, in the first quarter of 2026, crypto hackers stole about $169 million in assets from 34 DeFi protocols in total, a sharp decline compared with the same period in 2025. Despite the overall loss decreasing, multiple major attacks still exposed security risks in the industry. Among them, in January the Step Finance private key leak incident resulted in losses of about $40 million, the largest attack of the quarter; next was the Truebit smart contract manipulation incident, which led to $26.4 million worth of Ethereum being stolen; in March, the Resolv Labs private key leak incident ranked third.
By comparison, the first quarter of 2025 saw losses as high as $1.58 billion due to major incidents, making the current data look relatively mild. However, security experts emphasize that crypto security risks have not weakened. Kraken Chief Security Officer Nick Percoco said that hacker activity depends more on market cycles and liquidity distribution than on specific time nodes. During bull markets, product launches, or periods when capital rapidly concentrates, attackers are more likely to lock onto targets and carry out attacks.
The current threat structure is also continuing to evolve. The industry faces a multi-layer threat landscape shifting from highly organized hacker groups to opportunistic attackers. Attack methods include private key theft, exploitation of smart contract vulnerabilities, and social engineering attacks. Some hacker groups reportedly linked to North Korea remain an important source of risk, and their attacks often target high-value, high-complexity infrastructure.
In addition, while the transparency of crypto assets improves efficiency, it also makes it easier for attackers to identify potential vulnerabilities. Security research shows that complex systems, weak permission management, and protocols with rapid iteration are more likely to become targets. Industry insiders expect that as AI technology develops, credential theft and automated attack methods may further increase in 2026.
Although the current data shows losses declining, security challenges remain severe. The DeFi ecosystem must continuously strengthen audits, key management, and risk controls to reduce systemic risk while the market expands.
Disclaimer: The information on this page may come from third parties and does not represent the views or opinions of Gate. The content displayed on this page is for reference only and does not constitute any financial, investment, or legal advice. Gate does not guarantee the accuracy or completeness of the information and shall not be liable for any losses arising from the use of this information. Virtual asset investments carry high risks and are subject to significant price volatility. You may lose all of your invested principal. Please fully understand the relevant risks and make prudent decisions based on your own financial situation and risk tolerance. For details, please refer to
Disclaimer.
Related Articles
1inch Liquidity Provider TrustedVolumes Under Attack on Ethereum, $5.87M Stolen
According to Blockaid, the 1inch market maker and resolver TrustedVolumes is under attack on Ethereum as of May 7. The vulnerability was detected in Blockaid's security monitoring system within a custom RFQ trading agent contract controlled by TrustedVolumes. Attackers have extracted
GateNews31m ago
Project Eleven Warning: 6.90 million BTC face a quantum threat, with Q-Day earliest in 2030
In the post-quantum security space, the startup Project Eleven published a report on May 6, warning that the earliest possible arrival of the quantum computers surpassing the critical point of modern cryptography (Q-Day) may be as early as 2030, with a probability exceeding 50% for occurrence by 2033. The report also estimates that, under certain conditions, around 6.9 million bitcoins face potential quantum attack risk, and it calls on the cryptocurrency ecosystem to accelerate the anti-quantum migration process.
MarketWhisper53m ago
Project Eleven Warns Q-Day Could Arrive as Early as 2030
Project Eleven published a report on Wednesday proposing that the inflection point of quantum computers breaking modern encryption, often referred to as "Q-Day," could come as early as 2030, with a breakthrough described as "more likely than not" by 2033. The startup, focused on post-quantum securit
CryptoFrontier1h ago
NYSE Tokenization Partners Warn of Synthetic Stock Token Risks
NYSE tokenization partners have issued a warning that synthetic stock tokens could mislead retail traders through misrepresentation of underlying equities and unauthorized use of company names, according to the warning.
Concerns About Offshore Synthetic Tokens
The partners identified three key ri
CryptoFrontier5h ago
Project Eleven Warns Q-Day Could Hit as Early as 2030, With 6.9M Bitcoin at Risk
According to Project Eleven's Wednesday report, quantum computers could break modern encryption as early as 2030, with the startup estimating that 6.9 million bitcoins, worth more than $560 billion, could be exposed to quantum risk under certain conditions.
The post-quantum security-focused startup
GateNews7h ago
Ekubo Protocol Drained of $1.4M in WBTC Through Approval-Based Exploit
According to blockchain security firm Blockaid, Ekubo Protocol lost approximately $1.4 million in wrapped bitcoin (WBTC) recently after attackers exploited an access control flaw in its EVM swap router contracts. The attackers bypassed payment verification mechanisms to drain funds from wallets
GateNews11h ago
