Two major breaches alone accounted for nearly 600 million dollars, dominating April’s total losses.
April 2026 proved to be a turbulent period for the crypto industry. While market activity appeared relatively stable despite ongoing geopolitical tensions, a wave of high profile security breaches undermined investor confidence.
According to blockchain security firm CertiK, crypto related exploits and attacks during the month resulted in losses exceeding 650 million dollars.
Major Exploits Dominate Monthly Losses
The most significant incidents involved KelpDAO, which suffered losses of 292 million dollars, and Drift Protocol, which lost 285.2 million dollars.
The Drift Protocol breach was the result of a prolonged and carefully orchestrated effort involving social engineering tactics to gain access to key protocol signers. Once access was secured, the attackers drained funds in roughly 12 minutes.
In contrast, the KelpDAO exploit was linked to a vulnerability involving a single verifier flaw within a LayerZero bridge. After the breach, attackers attempted to move funds through THORChain, though more than 70 million dollars had already been frozen on Arbitrum.
Other notable incidents included Rhea Finance with losses of 18.4 million dollars and Grinex at 16.2 million dollars.
By sector, decentralized finance projects absorbed the largest hit at 609.3 million dollars. Unverified contracts accounted for 8.5 million dollars in losses, followed by GameFi projects at 3.4 million dollars, bridge related exploits at 2.8 million dollars, and meme coin projects at 1.9 million dollars.
When categorized by attack method, wallet compromises were responsible for the vast majority of losses at 611 million dollars. Price manipulation contributed 18.8 million dollars, code vulnerabilities 16.9 million dollars, phishing attacks 3.5 million dollars, and front end exploits approximately 544,700 dollars.
Fewer Attacks but Greater Impact
Data from TRM Labs shows that North Korean hacking groups were responsible for 76 percent of all crypto related losses in 2026 up to April. This dominance was not due to a higher number of attacks, but rather the scale of a few highly impactful operations. Two incidents alone caused losses of 577 million dollars, outweighing the combined effect of other breaches.
This approach reflects a broader strategy that has been consistent since 2017, focusing on fewer but more damaging attacks. Over time, the share of global crypto theft attributed to these groups has steadily increased, rising from under 10 percent in 2020 and 2021 to 22 percent in 2022, 37 percent in 2023, 39 percent in 2024, and 64 percent in 2025.
The sharp rise in 2025 was largely driven by the Bybit breach, where 1.46 billion dollars was stolen through a compromised Safe Wallet signing interface, making it the largest crypto hack on record.
In 2026, the combined losses from KelpDAO and Drift mirror this pattern of high impact events. While the number of attacks remains relatively low, their execution is becoming more advanced.
Since 2017, total crypto theft linked to North Korean groups has surpassed 6 billion dollars. Analysts believe these actors may now be leveraging artificial intelligence to enhance reconnaissance and refine social engineering techniques, enabling more precise and targeted cyberattacks.#crypto#cryptonews https://coinsignals.net https://t.me/coinsignalpublic
