Crypto Security Threats on the Rise: Insights for 2026
CertiK warns crypto users about the increasing risks of phishing, deepfakes, and supply chain attacks as major hacks surge.
Increasing Crypto Hacks: A Warning from CertiK
CertiK has emphasized the importance of following fundamental security practices as significant breaches in the cryptocurrency space escalated in April.
Real-time deepfakes, phishing schemes, and compromises in supply chains are predicted to be driving factors behind the largest hacks of 2026, as stated by CertiK’s senior blockchain investigator, Natalie Newson.
The industry has faced over $600 million lost in hacks this year, primarily linked to two significant thefts associated with North Korea that took place in April, including a notable $293 million exploit of the Kelp DAO, which was a consequence of a critical failure in the LayerZero cross-chain messaging protocol, along with a $280 million incident involving the Drift Protocol.
Newson highlighted an incident on April 15, where Zerion disclosed that North Korean hackers used AI to conduct a social engineering attack, successfully siphoning off approximately $100,000 from its hot wallets. She expressed concern that the increasing use of AI could exacerbate breaches in the future.
Investor Safety Tips
In light of these threats, she advised crypto investors to always verify the authenticity of URLs and smart contracts to protect against phishing scams.
Investors should consider utilizing storage alternatives that are not directly linked to crypto exchanges. She suggested that using cold wallets can ensure the safety of assets that are not frequently traded while allowing for secure transaction signing without compromising private keys.
The Role of AI in Cybersecurity
Newson elaborated on the potential misuse of AI by cybercriminals, stating there are now more sophisticated deepfakes and autonomous agents capable of scanning smart contracts for vulnerabilities and executing attacks at incredible speeds. She also noted a recent report about a cybercrime figure named “Jinkusu,” involved in selling advanced tools aimed at evading KYC verification through deepfake technology.
Nonetheless, Newson pointed out that AI could be a vital tool in the defense against these threats, having noted a surge in bug bounty submissions as a result of AI implementations. The AI model Claude Mythos developed by Anthropic has demonstrated capabilities to identify weaknesses in critical systems and has already been used defensively by a select group of tech companies.
As such attacks evolve in complexity, regulatory bodies are ramping up their response strategies. Recently, the US Department of the Treasury’s Office of Cybersecurity and Critical Infrastructure Protection announced an expansion of its threat identification efforts encompassing digital asset firms.
Related Reading:
Telegram CEO Durov warns of potential risks with EU age-verification app
In summary, the landscape of crypto security is becoming increasingly perilous, and investors are urged to stay informed and vigilant.
