

Crypto Hacks Reach $17B, Private Key Breaches Lead Losses

Ted Hisokawa   Apr 21, 2026 14:32


Crypto hackers have stolen over $17 billion across 518 incidents in the past decade, with private key compromises emerging as the leading attack vector, according to a report from analytics platform DefiLlama. The findings highlight a worrying shift in the focus of attackers from protocol-level vulnerabilities to weaknesses in wallet security and user behavior.

DefiLlama’s data reveals that 22.3% of these incidents stemmed from brute force attacks targeting private keys, while another 18.2% were attributed to unknown methods of key compromise. Phishing attacks on multi-signature wallets accounted for 10% of the cases. These techniques have eclipsed smart contract exploits in recent years, as developers have improved protocol-level security.

The latest example of this trend came just days ago, when Kelp DAO’s LayerZero-powered rsETH bridge was exploited for roughly $290 million in restaked Ether. This attack stands as the largest crypto theft of 2026 to date.

DeFi Suffers $600M in Losses in Two Months

The decentralized finance (DeFi) sector has been particularly hard-hit by this new wave of exploits. A report from crypto trading firm GSR shows that over $600 million has been drained from DeFi protocols in just the past 60 days. The Kelp DAO hack and an April 1 exploit targeting the Solana-based Drift Protocol accounted for the lion's share of these losses.

GSR’s report also pointed to a troubling trend: attackers are increasingly targeting operational security, developer tooling, and signing infrastructure, areas that are often overlooked. With DeFi yields now compressing toward traditional finance rates, the risk-reward balance for depositing crypto on-chain is becoming a contentious question for users.

AI and Malware Lower Barriers for Hackers

Advances in malware and artificial intelligence are making it easier for hackers to scale social engineering and wallet-targeting attacks. Dyma Budorin, CEO of cybersecurity firm Hacken, warned that “hacking-as-a-service” platforms on the dark web are enabling even low-skilled attackers to drain victims' wallets. These platforms often take a commission for providing tools, making wallet theft more accessible and lucrative.

According to Hacken, phishing and social engineering accounted for $306 million of the $482 million lost to Web3 hacks in Q1 2026. This suggests that even as user awareness grows, attackers are finding new ways to exploit human error and outdated security practices.

What’s Next for Crypto Security?

While phishing-related losses reportedly dropped sharply in 2025, thanks to increased user awareness, the rise of wallet-drainer scripts and sophisticated malware continues to present a significant challenge. For the industry, the focus now shifts to improving wallet and signing infrastructure security. Developers and users alike will need to adopt stronger operational security measures to fend off these increasingly “lazy” but effective attacks.

As the stakes rise, the crypto industry must confront a hard truth: better smart contract audits alone won’t solve the problem. The human and infrastructure elements of Web3 security are now the frontlines in a battle that shows no signs of slowing down.

