Phishing, Deepfakes, and Supply Chain Attacks Expected to Drive Cryptocurrency Breaches in 2026, CertiK Warns
According to blockchain security firm CertiK, sophisticated threats including phishing schemes, AI-generated deepfakes, and supply chain compromises will likely trigger the most significant cryptocurrency hacks throughout 2026.
The crypto industry has already suffered losses exceeding $600 million in 2026, with the damage primarily stemming from two major theft operations attributed to North Korean actors in April. These incidents included the $293 million Kelp DAO hack on Saturday—which exploited a critical vulnerability in LayerZero's cross-chain messaging infrastructure—and a $280 million breach targeting the Drift Protocol.
AI-Powered Social Engineering Emerges as Growing Threat
A separate North Korean-linked operation demonstrated the evolving sophistication of cyber attacks. Zerion, a cryptocurrency wallet platform, disclosed on April 15 that state-sponsored hackers leveraged artificial intelligence in an extended social engineering campaign to pilfer approximately $100,000 from the company's active wallet reserves.
Natalie Newson, senior blockchain investigator at CertiK, cautioned that artificial intelligence advancement may intensify cryptocurrency-related attacks across multiple dimensions. "There are now more convincing deepfakes, autonomous attack agents, and 'agentic AI' that can autonomously scan smart contracts for bugs, draft exploit code and execute attacks at machine speed," Newson stated.
Recommended Security Measures for Investors
Newson advised cryptocurrency users to strengthen their defenses by implementing fundamental security protocols. "The best way for investors to protect themselves is to be aware of the current threats they may face... For instance, to protect yourself against phishing, always verify the authenticity of URLs and smart contracts," she explained.
As hacking techniques grow increasingly complex, retail investors should consider alternative asset storage solutions beyond centralized exchanges. "Using cold wallets can help keep assets that you don't use regularly safe and allows you to sign transactions without ever exposing your private keys," Newson noted.
Supply Chain Breaches Present Significant Risk
CertiK's December 2025 report revealed that cryptocurrency thieves extracted $3.3 billion throughout 2025. Supply-chain breaches emerged as the most destructive threat vector, accounting for $1.45 billion in combined losses from merely two incidents. The $1.4 billion Bybit hack in February 2025 represented a particularly notable case.
"The Bybit exploit signals that well-capitalized, well-coordinated threat actors are becoming more active across the ecosystem," CertiK's assessment indicated, projecting an uptick in the sophistication of supply chain attacks targeting infrastructure providers.
The average scale of cryptocurrency hacks reached $19.5 million in 2025, according to data from TRM Labs.
Regulatory Bodies Expand Protective Oversight
In response to escalating threats, government agencies are intensifying their involvement. On April 9, the United States Department of the Treasury's Office of Cybersecurity and Critical Infrastructure Protection (OCCIP) announced an expansion of its cybersecurity threat identification initiative to encompass digital asset enterprises.
Meanwhile, artificial intelligence itself may serve as a defensive mechanism. Anthropic's Claude Mythos AI model, which possesses the capability to identify vulnerabilities in major operating systems, has been deployed protectively to a restricted group of technology companies. The increased deployment of AI tools has simultaneously generated a surge in bug bounty submissions, both legitimate and spurious.