In the first half of 2026, the number of attacks targeting the cryptocurrency ecosystem soared to record levels. According to data from TRM Labs, the six-month period from January to June saw
In the first half of 2026, the number of attacks targeting the cryptocurrency ecosystem soared to record levels. According to data from TRM Labs, the six-month period from January to June saw 207 separate incidents and a total loss of $972 million. While the frequency of attacks rose sharply, it was noteworthy that overall losses declined compared to the same period last year.
Incident count surges but losses shrink
TRM Labs had identified only 83 incidents in the first half of 2025. This year, that figure jumped to 207—a more than twofold increase in just one year. The company emphasized that this spike was not driven by a single large-scale attack but rather by a steady rise in smaller, scattered breaches throughout the year. Notably, 123 incidents occurred in the second quarter alone.
TRM Labs is recognized as a leading research firm specializing in blockchain analysis and the investigation of financial crimes.
TRM Labs reported that 207 crypto attacks took place in the first half of 2026—the highest for any six-month period to date—while total thefts held at $972 million, a significant drop from the $2.3 billion lost in the first half of 2025.
The most prevalent type of attack targeted vulnerabilities in smart contracts. Of the 207 incidents, 125 fell into this category. These exploits mainly focused on decentralized finance applications, decentralized exchanges, and token projects. TRM Labs also observed that attackers increasingly combined multiple code interventions within a single incident instead of relying on just one tactic.
Mini glossary: Smart contracts are pieces of code that execute automatically on the blockchain when specific conditions are met. Logic errors or weaknesses in authorization controls within these contracts can enable attackers to withdraw funds.
IndicatorFirst half of 2025First half of 2026Total incidents83207Total loss$2.3 billion$972 millionMedian lossNot specified$219,000
North Korea-linked attacks dominate
Roughly $643 million of the total stolen was traced to activities linked to North Korea. This figure represents nearly 66% of the aggregate losses during the period. Most of these damages occurred in just two major attacks in April.
Those incidents targeted Drift Protocol and KelpDAO. According to TRM Labs, approximately $285 million was lost in the Drift Protocol breach and around $292 million was siphoned off in the KelpDAO incident. Combined, these two attacks accounted for a staggering $577 million in losses.
Activities associated with North Korea accounted for nearly two-thirds of losses—about $643 million—with most of the damages stemming from major attacks on Drift Protocol and KelpDAO in April.
Infrastructure breaches drive majority of damages
Breaches stemming from infrastructure or operational failures made up just 15% of total incidents. Nonetheless, these events were responsible for about 76% of total financial losses. TRM Labs noted that such attacks focused not on on-chain code exploits but rather on signature systems, access credentials, and asset control infrastructure.
In contrast, while smart contract attacks led in frequency, they accounted for a smaller share of total funds stolen. The report also highlighted a “wrench attack” incident—where physical coercion was used—which resulted in approximately $24 million in losses.
TRM Labs emphasized that even as organizations continue smart contract audits, they must also reinforce key management and transaction approval processes. The analysis concluded that while minor vulnerabilities are surfacing more frequently, it is still the large-scale infrastructure breaches that primarily dictate overall annual losses.
The post Crypto ecosystem hit by a record 207 attacks in six months! Why did total losses actually drop? appeared first on COINTURK NEWS.