The warning follows a wave of large-scale attacks that have pushed industry losses past $600 million in the first months of the year.
Crypto News
Phishing attacks, real-time deepfakes, supply chain compromises, and cross-chain vulnerabilities are the threat vectors most likely to drive major crypto exploits through the rest of 2026, according to CertiK senior blockchain investigator Natalie Newson. The warning follows a wave of large-scale attacks that have pushed industry losses past $600 million in the first months of the year.
Two North Korea-linked incidents in April account for the bulk of those losses. The $293 million Kelp DAO exploit on Saturday traced back to a single point-of-trust failure in LayerZero's cross-chain messaging infrastructure. A separate $280 million exploit targeted Drift Protocol.
A third DPRK-affiliated attack, disclosed by crypto wallet Zerion on April 15, involved AI-assisted social engineering. Hackers used AI tools in a sustained operation that ultimately extracted about $100,000 from the company's hot wallets, illustrating how AI is already being applied offensively against crypto platforms.
Newson said AI will make several attack categories harder to defend against. "There are now more convincing deepfakes, autonomous attack agents, and 'agentic AI' that can autonomously scan smart contracts for bugs, draft exploit code and execute attacks at machine speed," she said. A threat actor identified as "Jinkusu" was reported on April 6 to be selling tools designed to bypass Know Your Customer checks at banks and crypto exchanges using deepfakes and voice manipulation.
On the defensive side, Newson said AI is also emerging as a protection tool. She recommended that retail investors verify URLs and smart contract addresses before interacting with them, and consider moving assets they do not use regularly into cold wallets, which allow transaction signing without exposing private keys.
CertiK's December 2025 report put total crypto hacks for that year at $3.3 billion. Supply chain attacks were the most destructive category, accounting for $1.45 billion in losses across just two incidents, including the $1.4 billion Bybit hack in February 2025. The firm said that this level of coordination signals more sophisticated supply chain targeting ahead.
Regulators are responding to the escalation. On April 9, the U.S. Treasury's Office of Cybersecurity and Critical Infrastructure Protection announced it is extending its cybersecurity threat identification program to cover digital asset companies, adding institutional oversight to a sector that has historically managed these risks internally.
This article contains links to third-party websites or other content for information purposes only (“Third-Party Sites”). The Third-Party Sites are not under the control of CoinMarketCap, and CoinMarketCap is not responsible for the content of any Third-Party Site, including without limitation any link contained in a Third-Party Site, or any changes or updates to a Third-Party Site. CoinMarketCap is providing these links to you only as a convenience, and the inclusion of any link does not imply endorsement, approval or recommendation by CoinMarketCap of the site or any association with its operators. This article is intended to be used and must be used for informational purposes only. It is important to do your own research and analysis before making any material decisions related to any of the products or services described. This article is not intended as, and shall not be construed as, financial advice. The views and opinions expressed in this article are the author’s [company’s] own and do not necessarily reflect those of CoinMarketCap.
