CertiK counts more than $1.31 billion stolen across 344 crypto security incidents in H1 2026, as security firms urge continuous reauditing with AI tools now armingCertiK counts more than $1.31 billion stolen across 344 crypto security incidents in H1 2026, as security firms urge continuous reauditing with AI tools now arming

AI Is Speeding Up Both Hacks and Hunts for Smart Contract Bugs, Security Experts Warn

For feedback or concerns regarding this content, please contact us at crypto.news@mexc.com
  • CertiK’s Hack3d report recorded more than US$1.31 billion lost across 344 incidents in the first half of 2026, about 28% higher than a year earlier once the Bybit hack is excluded.
  • Code vulnerabilities produced 204 incidents, the highest count of any attack vector, with hackers increasingly targeting legacy contracts more than a year old, according to CertiK.
  • A four-year-old bug in Zcash’s Orchard pool, found by security engineer Taylor Hornby using a Claude-powered auditing agent, has firms including TRM Labs urging continuous review over one-time audits.

Crypto protocols lost more than US$1.31 billion (AU$1.89 billion) to hacks and exploits across 344 incidents in the first half of 2026, according to CertiK’s Hack3d report, and security experts say the same AI tooling speeding up those attacks is also helping defenders surface bugs that sat undetected for years.

Headline losses fell 46.8% from the first half of 2025, though that period included the US$1.45 billion (AU$2.09 billion) Bybit hack. Excluding it, CertiK said losses ran about 28% higher year-on-year. 

Some US$115.3 million (AU$166 million) was frozen or recovered, putting net losses near US$1.2 billion (AU$1.73 billion). “The underlying security environment has not improved; in several meaningful respects, it has deteriorated,” the report stated.

Wallet compromise was the costliest vector at US$444.5 million (AU$640.1 million) across 33 incidents. April produced two of the largest single incidents of the half, the US$291 million (AU$419 million) Kelp DAO RPC compromise and the US$285 million (AU$410.4 million) Drift Protocol breach. 

Phishing followed at US$366.3 million (AU$527.5 million) across 63 incidents, with incident volume down 52.3% while losses fell only 10.8%. Four incidents accounted for about 85% of the category’s losses, a shift CertiK attributed to highly targeted social engineering.

Related: SEC Eyes Sweeping Crypto Rule Overhaul Covering Tokens, Trading, and Broker-Dealers

Old Code Draws New Attacks

Code vulnerabilities cost US$151.6 million (AU$218.3 million) across 204 incidents, the highest count of any category, and CertiK identified a growing pattern of attackers targeting legacy contracts more than a year old, aided by improved automated tooling that finds latent vulnerabilities at scale. The firm warned that the window of maximum vulnerability does not close after launch.

Security engineer Taylor Hornby, engaged by Shielded Labs to audit Zcash, found a four-year-old soundness bug in the privacy network’s Orchard shielded pool in late May using a custom auditing agent powered by Anthropic’s Claude. 

The flaw, in the codebase since May 2022, could have allowed undetectable counterfeiting; a patch shipped on June 1, an emergency hard fork followed on June 3, and developers believe no exploitation occurred. ZEC fell about a third on the June 5 disclosure.

Anthropic’s own December research found AI agents uncovered the equivalent of US$4.6 million (AU$6.62 million) in simulated exploits across 405 previously hacked contracts, and surfaced two unknown vulnerabilities while screening 2,849 newer ones.

TRM Labs Global Head of Policy Ari Redbord stated the data argues for continuous review in place of a one-time audit, with attack techniques moving faster than a launch-day audit can account for.

Related: Ripple Secures Full EU MiCA License, Clearing Path for Crypto Expansion Across Europe

The post AI Is Speeding Up Both Hacks and Hunts for Smart Contract Bugs, Security Experts Warn appeared first on Crypto News Australia.

Market Opportunity
Gensyn Logo
Gensyn Price(AI)
$0.02705
$0.02705$0.02705
-3.97%
USD
Gensyn (AI) Live Price Chart

World Cup Combo: Aim for 200x

World Cup Combo: Aim for 200xWorld Cup Combo: Aim for 200x

Combine up to 20 World Cup matches in one order

Disclaimer: The articles reposted on this site are sourced from public platforms and are provided for informational purposes only. They do not necessarily reflect the views of MEXC. All rights remain with the original authors. If you believe any content infringes on third-party rights, please contact crypto.news@mexc.com for removal. MEXC makes no guarantees regarding the accuracy, completeness, or timeliness of the content and is not responsible for any actions taken based on the information provided. The content does not constitute financial, legal, or other professional advice, nor should it be considered a recommendation or endorsement by MEXC.

You May Also Like

Why The Green Bay Packers Must Take The Cleveland Browns Seriously — As Hard As That Might Be

Why The Green Bay Packers Must Take The Cleveland Browns Seriously — As Hard As That Might Be

The post Why The Green Bay Packers Must Take The Cleveland Browns Seriously — As Hard As That Might Be appeared on BitcoinEthereumNews.com. Jordan Love and the Green Bay Packers are off to a 2-0 start. Getty Images The Green Bay Packers are, once again, one of the NFL’s better teams. The Cleveland Browns are, once again, one of the league’s doormats. It’s why unbeaten Green Bay (2-0) is a 8-point favorite at winless Cleveland (0-2) Sunday according to betmgm.com. The money line is also Green Bay -500. Most expect this to be a Packers’ rout, and it very well could be. But Green Bay knows taking anyone in this league for granted can prove costly. “I think if you look at their roster, the paper, who they have on that team, what they can do, they got a lot of talent and things can turn around quickly for them,” Packers safety Xavier McKinney said. “We just got to kind of keep that in mind and know we not just walking into something and they just going to lay down. That’s not what they going to do.” The Browns certainly haven’t laid down on defense. Far from. Cleveland is allowing an NFL-best 191.5 yards per game. The Browns gave up 141 yards to Cincinnati in Week 1, including just seven in the second half, but still lost, 17-16. Cleveland has given up an NFL-best 45.5 rushing yards per game and just 2.1 rushing yards per attempt. “The biggest thing is our defensive line is much, much improved over last year and I think we’ve got back to our personality,” defensive coordinator Jim Schwartz said recently. “When we play our best, our D-line leads us there as our engine.” The Browns rank third in the league in passing defense, allowing just 146.0 yards per game. Cleveland has also gone 30 straight games without allowing a 300-yard passer, the longest active streak in the NFL.…
Share
BitcoinEthereumNews2025/09/18 00:41
Cathie Wood’s ARK Invest Buys $13.7M in Circle Shares While Selling Robinhood Stock

Cathie Wood’s ARK Invest Buys $13.7M in Circle Shares While Selling Robinhood Stock

TLDR ARK Invest bought 217,896 Circle Internet Group shares for ~$13.7M on July 9 ARK sold 85,319 Robinhood Markets shares worth ~$9.8M on the same day ARK has
Share
Coincentral2026/07/10 14:51
The changing face of elder care in Malaysia — Sayed Mohammad Reza Yamani Sayed Umar

The changing face of elder care in Malaysia — Sayed Mohammad Reza Yamani Sayed Umar

JULY 10 — An elderly society is becoming increasingly prevalent in Malaysia at present. It is projected that the p...
Share
Malaymail2026/07/10 15:24

$5M in SPCX Positions for Free

$5M in SPCX Positions for Free$5M in SPCX Positions for Free

0 fees, 100x leverage, daily prizes, 7K+ stocks/ETFs