Real-time deepfakes, phishing campaigns, supply chain breaches, and cross-chain vulnerabilities are expected to drive some of the most significant crypto hacks in 2026, according to CertiK senior blockchain investigator Natalie Newson.
The industry has already suffered losses exceeding $600 million this year, largely due to two North Korea-linked attacks in April. These include a $293 million exploit targeting Kelp DAO—reportedly caused by a single point-of-trust failure in LayerZero’s cross-chain messaging infrastructure—and a $280 million breach of Drift Protocol.
Another attack tied to North Korean actors involved AI-powered social engineering. On April 15, crypto wallet provider Zerion disclosed that hackers used artificial intelligence in a prolonged scheme to siphon roughly $100,000 from its hot wallets.
Newson cautioned that the rapid advancement of AI is likely to further intensify the scale and sophistication of crypto-related attacks.

“The best way for investors to protect themselves is to stay aware of evolving threats,” Newson said. “For example, to avoid phishing attacks, always verify the authenticity of URLs and smart contracts.”
She added that as exploits grow more advanced, retail investors should consider storing assets outside centralized exchanges. “Using cold wallets can help secure funds you don’t actively use, allowing transactions to be signed without exposing private keys,” she explained.
AI: both a threat and a defense
Newson warned that artificial intelligence is accelerating the capabilities of attackers. “We’re seeing more convincing deepfakes, autonomous attack agents, and ‘agentic AI’ that can scan smart contracts for vulnerabilities, generate exploit code, and execute attacks at machine speed,” she said.
On April 6, it was reported that a threat actor known as “Jinkusu” was allegedly selling cybercrime tools capable of bypassing Know Your Customer (KYC) checks at banks and crypto platforms using deepfake and voice manipulation technologies.
At the same time, Newson noted that AI can also strengthen defenses. Increased use of AI has already led to a surge in bug bounty submissions, both legitimate reports and false positives. Anthropic’s AI model Claude Mythos, which claims to identify vulnerabilities in major operating systems, has been deployed defensively among a limited group of technology firms.
Regulators step up oversight
CertiK reported in December 2025 that crypto hackers stole $3.3 billion that year. Supply chain attacks proved especially damaging, accounting for $1.45 billion in losses across just two incidents, including the $1.4 billion Bybit hack in February 2025.
“The Bybit exploit shows that well-funded, highly coordinated threat actors are becoming more active across the ecosystem,” the report stated, forecasting increased sophistication in supply chain attacks as hackers target key infrastructure providers.
Regulators are beginning to respond. On April 9, the U.S. Department of the Treasury’s Office of Cybersecurity and Critical Infrastructure Protection (OCCIP) announced it is expanding its cybersecurity threat detection program to include digital asset firms.

