Crypto Exploit Losses Plunged 90% in May to $68M: CertiK Report

iEXExchanger
Crypto Exploit Losses Plunged 90% in May to $68M: CertiK Report

Crypto exploit losses in May 2026 dropped 90% to just $68 million, down from April's $651 million. CertiK calls it one of the best security months the industry has seen in years.

Cryptocurrency security had one of its best months in recent memory in May 2026: losses from exploits and hacks totaled roughly $68 million, according to blockchain security firm CertiK — nearly a 10-fold drop from April's record $651 million. The monthly report was published on June 1, 2026.

What Happened

CertiK's latest monthly statistics put total crypto exploit losses at approximately $68 million in May 2026 — a 90% decline from April. For an industry that regularly sees nine-figure theft events, this is rare good news. CertiK described May as one of the most subdued months for security incidents in recent years.

Why April Was So Devastating

April 2026 was one of the worst months for crypto hacks in over three years, with total losses reaching $651 million. Two massive attacks drove most of the damage:

  • Kelp DAO — approximately $293 million drained via a LayerZero infrastructure vulnerability.
  • Drift Protocol — roughly $280 million stolen in a similarly structured attack.

Both attacks have been linked to North Korea-backed hacker groups. According to Chainalysis and CertiK, North Korean operatives stole over $2 billion in crypto in 2025 alone, effectively industrializing digital asset theft as a state revenue source.

What Made May Different

CertiK hasn't pointed to a single explanation for the sharp decline. The most likely drivers are a combination of factors: no major high-value targets were successfully exploited, security teams stepped up audits after April's high-profile incidents, and LayerZero infrastructure underwent renewed review following the Kelp DAO breach.

A similar lull occurred in February 2026, when monthly hack losses dropped to $37–38 million. This supports a pattern observed in crypto security: major exploits tend to cluster in waves rather than occurring at a steady monthly rate.

What This Means for the Market

Lower theft figures are a clear positive signal for crypto investors and DeFi developers. Large exploits routinely trigger sharp sell-offs and erode confidence in decentralized finance broadly. May's quiet month gives markets a chance to recover.

Security researchers caution, however, that the data can shift rapidly. North Korea-linked hackers haven't stepped back, and the next major target is always one undiscovered vulnerability away.

  • May 2026: ~$68 million in losses (−90% vs. April)
  • April 2026: ~$651 million (one of the worst months in 3+ years)
  • Data source: CertiK, Web3 security audit platform

Questions and answers

Frequently asked questions about this article

What is CertiK and why is its data trusted?

CertiK is a US-based blockchain security audit firm that monitors exploits, hacks, and scams in the crypto space in real time, publishing monthly statistics. It is considered one of the leading data sources on Web3 security.

Why was April 2026 so destructive for crypto?

Two massive hacks — Kelp DAO ($293 million) and Drift Protocol ($280 million) — accounted for nearly $573 million in April alone. Both attacks are linked to North Korean hacker groups specializing in cross-chain bridge infrastructure exploits.

Does May's drop in hacks mean DeFi has become safer?

Not necessarily. Crypto hack statistics are highly volatile — a quiet month can be followed by a catastrophic one. May's decline indicates the absence of high-value exploitable targets that month, but does not signal that systemic industry risks have been resolved.

Were funds stolen in April's hacks recovered?

Most funds from the Kelp DAO and Drift Protocol hacks are considered extremely difficult to recover. The attacks are believed to be linked to North Korean groups that use complex laundering schemes involving mixers and cross-chain bridges.

Who is behind the biggest crypto hacks in 2026?

According to CertiK and Chainalysis, the majority of major nine-figure hacks in 2026 are linked to North Korea-backed groups. In 2025 they stole over $2 billion in crypto, making digital asset theft one of the primary revenue sources for the North Korean regime.

Read also