.png)
H1 2026 Virtual Asset Security Report: Record Number of Hacking Incidents, but Total Losses Decrease to Under $1 Billion
In the first half of 2026, virtual asset hacking losses reached $972 million, a 58% decrease compared to the same period last year. While the number of attacks hit a record high of 207, the 'volume vs. value' paradox emerged as losses per incident actually decreased due to enhanced security and rapid response.
A significant shift has emerged in the virtual asset security landscape in the first half of 2026. According to the latest reports from blockchain security firms Immunefi and TRM Labs, hacking losses during the first six months of this year totaled $972 million. This is a notable decrease compared to previous years when billions of dollars in damage occurred, suggesting that the security infrastructure of the virtual asset market has entered a stage of maturity.
The number of attacks reached an all-time high, but the total damage fell below $1 billion. This means that while hackers' activities have become more frequent, the 'harvest' they reap is becoming smaller.
According to data released on July 9, 2026, losses in the first half of this year plummeted by approximately 58% compared to $2.3 billion in the first half of 2025. It is particularly noteworthy that the overall scale of losses shrank despite 123 security incidents occurring in the second quarter alone, setting a record high following the first quarter. This phenomenon is interpreted as a result of improved protocol security levels and faster incident response speeds, although attacks targeting smart contract vulnerabilities still predominate.
Continued Influence of North Korea-Linked Hacking Groups
While the overall scale of damage has decreased, hacking activities backed by specific states still account for an overwhelming proportion. TRM Labs analyzed that $643 million, or about 66% of the funds stolen in the first half of the year, was due to activities linked to North Korea. In particular, attacks on Drift Protocol and KelpDAO in April accounted for a significant portion of the total losses in the first half, proving the sophisticated targeting capabilities of North Korean hackers.
- Implementation of institutional security enhancement measures, such as the Hong Kong regulatory authorities' mandate for anti-phishing login requirements.
- MoonPay's introduction of a Telegram-based AI agent to support market analysis and preparation for secure transactions.
- Expansion of investment and the creation of a $1.2 billion fund for the AI security technology sector by major venture capital firms such as Paradigm.
Security achievements in the Decentralized Finance (DeFi) sector are also notable. According to data from Immunefi, hacking losses in DeFi protocols have decreased by 74% compared to the peak in 2022. This demonstrates that the widespread adoption of bug bounty programs and the accumulation of protocol operational expertise have led to a practical improvement in defensive capabilities. In fact, it was found that 93.9% of bug bounty programs operated on Immunefi for more than five years identified critical vulnerabilities in advance, preventing potential damages worth tens of billions of dollars.
However, caution is needed in interpreting the figures as calculation methods vary by security firm. While TRM Labs estimated losses at $972 million by focusing on pure hacks and exploits, CertiK reported a total of $1.32 billion in damages, including scams and phishing using social engineering techniques. This suggests that, beyond simple technical flaws, threats targeting individual users remain a major challenge for the virtual asset ecosystem.
Outlook for the Second Half of 2026 and Security Challenges
This pattern of 'low-cost, high-frequency' attacks is expected to continue in the second half of the year. Security experts advise that as hackers are developing more sophisticated attack scenarios using AI, it is essential to build AI-based real-time monitoring and automated response systems from a defensive standpoint. Additionally, strengthening international cooperation systems to increase the fund recovery rate, which was only 0.4% in 2025, is cited as an urgent task.
In conclusion, the first half of 2026 served as a turning point for the virtual asset industry to overcome security crises and take a leap forward. Although the number of attacks did not decrease, keeping the scale of damage below $1 billion is a significant achievement resulting from increased security awareness and technological progress across the industry. Investors should maintain a cautious investment attitude by closely examining the security certification status and regulatory compliance of individual protocols.



This content is for information and commentary only and is not investment advice.
Join the reader conversation
Read reactions to this article and leave your own note.