CertiK counts more than $1.31 billion stolen across 344 crypto security incidents in H1 2026, as security firms urge continuous reauditing with AI tools now armingCertiK counts more than $1.31 billion stolen across 344 crypto security incidents in H1 2026, as security firms urge continuous reauditing with AI tools now arming

AI Is Speeding Up Both Hacks and Hunts for Smart Contract Bugs, Security Experts Warn

2026/07/10 14:24
Okuma süresi: 3 dk
Bu içerikle ilgili geri bildirim veya endişeleriniz için lütfen crypto.news@mexc.com üzerinden bizimle iletişime geçin.
  • CertiK’s Hack3d report recorded more than US$1.31 billion lost across 344 incidents in the first half of 2026, about 28% higher than a year earlier once the Bybit hack is excluded.
  • Code vulnerabilities produced 204 incidents, the highest count of any attack vector, with hackers increasingly targeting legacy contracts more than a year old, according to CertiK.
  • A four-year-old bug in Zcash’s Orchard pool, found by security engineer Taylor Hornby using a Claude-powered auditing agent, has firms including TRM Labs urging continuous review over one-time audits.

Crypto protocols lost more than US$1.31 billion (AU$1.89 billion) to hacks and exploits across 344 incidents in the first half of 2026, according to CertiK’s Hack3d report, and security experts say the same AI tooling speeding up those attacks is also helping defenders surface bugs that sat undetected for years.

Headline losses fell 46.8% from the first half of 2025, though that period included the US$1.45 billion (AU$2.09 billion) Bybit hack. Excluding it, CertiK said losses ran about 28% higher year-on-year. 

Some US$115.3 million (AU$166 million) was frozen or recovered, putting net losses near US$1.2 billion (AU$1.73 billion). “The underlying security environment has not improved; in several meaningful respects, it has deteriorated,” the report stated.

Wallet compromise was the costliest vector at US$444.5 million (AU$640.1 million) across 33 incidents. April produced two of the largest single incidents of the half, the US$291 million (AU$419 million) Kelp DAO RPC compromise and the US$285 million (AU$410.4 million) Drift Protocol breach. 

Phishing followed at US$366.3 million (AU$527.5 million) across 63 incidents, with incident volume down 52.3% while losses fell only 10.8%. Four incidents accounted for about 85% of the category’s losses, a shift CertiK attributed to highly targeted social engineering.

Related: SEC Eyes Sweeping Crypto Rule Overhaul Covering Tokens, Trading, and Broker-Dealers

Old Code Draws New Attacks

Code vulnerabilities cost US$151.6 million (AU$218.3 million) across 204 incidents, the highest count of any category, and CertiK identified a growing pattern of attackers targeting legacy contracts more than a year old, aided by improved automated tooling that finds latent vulnerabilities at scale. The firm warned that the window of maximum vulnerability does not close after launch.

Security engineer Taylor Hornby, engaged by Shielded Labs to audit Zcash, found a four-year-old soundness bug in the privacy network’s Orchard shielded pool in late May using a custom auditing agent powered by Anthropic’s Claude. 

The flaw, in the codebase since May 2022, could have allowed undetectable counterfeiting; a patch shipped on June 1, an emergency hard fork followed on June 3, and developers believe no exploitation occurred. ZEC fell about a third on the June 5 disclosure.

Anthropic’s own December research found AI agents uncovered the equivalent of US$4.6 million (AU$6.62 million) in simulated exploits across 405 previously hacked contracts, and surfaced two unknown vulnerabilities while screening 2,849 newer ones.

TRM Labs Global Head of Policy Ari Redbord stated the data argues for continuous review in place of a one-time audit, with attack techniques moving faster than a launch-day audit can account for.

Related: Ripple Secures Full EU MiCA License, Clearing Path for Crypto Expansion Across Europe

The post AI Is Speeding Up Both Hacks and Hunts for Smart Contract Bugs, Security Experts Warn appeared first on Crypto News Australia.

Piyasa Fırsatı
Gensyn Logosu
Gensyn Fiyatı(AI)
$0.0274
$0.0274$0.0274
-2.73%
USD
Gensyn (AI) Canlı Fiyat Grafiği

World Cup Combo: Aim for 200x

World Cup Combo: Aim for 200xWorld Cup Combo: Aim for 200x

Combine up to 20 World Cup matches in one order

Sorumluluk Reddi: Bu sitede yeniden yayınlanan makaleler, halka açık platformlardan alınmıştır ve yalnızca bilgilendirme amaçlıdır. MEXC'nin görüşlerini yansıtmayabilir. Tüm hakları telif sahiplerine aittir. Herhangi bir içeriğin üçüncü taraf haklarını ihlal ettiğini düşünüyorsanız, kaldırılması için lütfen crypto.news@mexc.com ile iletişime geçin. MEXC, içeriğin doğruluğu, eksiksizliği veya güncelliği konusunda hiçbir garanti vermez ve sağlanan bilgilere dayalı olarak alınan herhangi bir eylemden sorumlu değildir. İçerik, finansal, yasal veya diğer profesyonel tavsiye niteliğinde değildir ve MEXC tarafından bir tavsiye veya onay olarak değerlendirilmemelidir.

$5M in SPCX Positions for Free

$5M in SPCX Positions for Free$5M in SPCX Positions for Free

0 fees, 100x leverage, daily prizes, 7K+ stocks/ETFs