Crypto Hacks Leading $17B Private Key Compromise
Private key agreements are emerging as one of crypto's most expensive attack vectors, with hackers stealing more than $17 billion in 518 incidents over the past decade, according to data platform Defillama.
In the data shared on Tuesday, Defilama's dashboard shows a large share of stolen private keys from phishing and other credential-based attacks.
About 22.3% of the incidents were caused by “brutal” private key agreements, 18.2% were caused by “unknown methods” of private key agreements, and 10% were caused by phishing attacks on multi-signature wallets.
Statistics show that some of the industry's biggest losses are increasingly coming from weaknesses in wallet security, infrastructure and user behavior rather than flaws in protocol code.
The findings come after the crypto industry suffered its biggest hack yet in 2026 on Saturday, after an attacker reinvested 116,500 ether (rsETH), worth between $290 million and $293 million at the time, from the rETH bridge operated by kelp dao LayerZero.
DeFi protocols lost 600 million dollars in two months: GSR study
The recent wave of bankruptcies has also hit decentralized finance. More than $600 million has been stolen from DeFi protocols in the past 60 days, according to a Monday report from crypto trading firm GSR, which involved the Kelp exploit and the April 1st exploit involving the Solana-based decentralized exchange Drift Protocol.
The attacks are raising new questions about whether improving smart contract audits alone is enough to protect users. In the report, GSR said that as smart contract security continues to improve, attackers appear to be moving toward “operational security, signing infrastructure, developer tools, and the people behind them.”
That shift is putting pressure on a sector that is already experiencing tight returns. “DeFi products have been compressed to TradFi rates, raising the question of whether onchain storage is still worth the risk,” GSR wrote.
“Lazy” hacking is on the rise thanks to AI and malware.
Cybersecurity companies say advances in malware and artificial intelligence are making it easier to target social engineering and wallet attacks, in which fraudsters trick victims into sending crypto to illegitimate addresses by first sending small transactions where investors copy and paste the attacker's address from the transaction history.
Related: ZachXBT Asks MemeCore to Clarify Evaluation and Token Offering
The rise of hacking as a service tools is also lowering the barrier to entry for attackers, according to Daima Budorin, founder and CEO of the cybersecurity firm.
Budorin told Cointelegraph in an interview at EthCC 2026, “If people are getting these links, their wallets can be completely drained.” “The platform on the darknet takes the commission for their tools and [scammers] Find the largest share of flush wallets.
Budorin added that hackers usually look for the easiest targets that require the least amount of effort to scam.
Web3 Projects In the first quarter of 2026, they lost $482 million, as phishing and social engineering scams accounted for $306 million in losses as the largest attack vector, according to Hacken's report.
Even so, some parts of the threat picture have improved. According to Scam Sniffer's January report, losses associated with crypto-phishing attacks have dropped significantly by 2025, suggesting that users are becoming more aware of the threat, even as wallet-swimming scripts and new types of malware continue to proliferate.
Magazine: 53 DeFi Projects Hacked, 50M NEO Tokens May Be ‘Reclaimed': Asia Express
