📰 Key Highlights
In H1 2026, crypto hack losses fell 46.8% year-over-year to $1.32 billion, but blockchain security firm CertiK says the drop in total losses doesn’t mean Web3 is getting safer. CertiK told Cointelegraph that the decline looks dramatic mainly because the 2025 baseline was inflated by the $1.4 billion Bybit hack — the largest single crypto heist in history — not because defenses improved across the board this year. Zooming into Q2 2026, more than 70% of losses came from just two incidents: exploits against KelpDAO and Drift Protocol, most of which are attributed to North Korean state-sponsored hacking groups. This confirms North Korean hackers remain a major ongoing threat to the crypto industry — TRM Labs estimated back in April that North Korean hackers have stolen more than $6 billion in crypto assets since 2017. The original piece didn’t include technical details on the attack vectors used against KelpDAO and Drift Protocol; see the source link for the full breakdown.
💬 JudyAI Lab Take
Per CertiK’s H1 2026 data, crypto hack losses dropped 46.8% YoY to $1.32B — but that’s mostly because 2025 was inflated by Bybit’s record $1.4B heist, not because defenses actually got better. And when you zoom into Q2, over 70% of the losses came from just two incidents (KelpDAO and Drift Protocol), most blamed on North Korean state-sponsored groups.
The thing worth paying attention to here, especially if you’re an AI builder, is how misleading aggregate metrics can be. Looking at a single summary number going down makes it easy to conclude “the system is getting safer overall” — but when you break it apart, it’s usually a handful of massive outliers dominating the distribution. This is exactly the same mistake people make when monitoring AI product metrics: averages, totals, and pass-rate-style aggregates constantly hide real risk concentration behind a few extreme events. The fact that North Korean groups have run sustained, targeted campaigns (TRM Labs estimates $6B+ stolen since 2017) is also a reminder that these threats are persistent and organized — not random. When you design defenses, you should assume the same adversary will keep trying the same playbook.
So next time you see any “overall down/improving” security or performance report, ask one question first: is this number being driven by a few extreme outliers? Break it down to the individual-event level before you draw conclusions.
📅 Source Info
- Published: 2026-07-14T10:39
- Original article: https://cointelegraph.com/news/dragonfly-defi-ai-hackpocalypse-fears?utm_source=rss_feed&utm_medium=rss_tag_ai&utm_campaign=rss_partner_inbound