CertiK has urged crypto users not to overlook basic security practices as major crypto hacks spiked in April. Real-time deepfakes, phishing attacks, supply chain compromises and cross-chain vulnerabilities will likely be the root of some of the biggest hacks in 2026, according to CertiK senior blockchain investigator Natalie Newson. The industry has already lost over $600 million to hacks in 2026, due largely to two North Korea-linked crypto thefts in April, including the $293 million Kelp DAO exploit on Saturday involving a single point-of-trust failure in cross-chain messaging protocol LayerZero’s infrastructure, and the $280 million exploit of the Drift Protocol. Another DPRK-linked attack involved the use of AI for social engineering. Crypto wallet Zerion revealed on April 15 that North Korean-affiliated hackers used AI in a long-term social engineering attack to steal about $100,000 from the company’s hot wallets.
Phishing scams continue to impact crypto and Web3 users, prompting the need for vigilance and personal online safety countermeasures. Phishing scams, attacks disguised as legitimate communication or websites designed to steal funds and sensitive information, cost crypto users over $12 million in August, up 72% from July, Web3 anti-scam service Scam Sniffer reported on Saturday. Crypto phishing scams impacted 15,230 victims in August, a 67% increase from July, with the single largest loss costing one user over $3 million, according to Scam Sniffer. The Scam Sniffer team also noted a “sharp escalation” in EIP-7702 signature scams. EIP-7702 is an Ethereum improvement proposal that allows Externally Owned Accounts to act as smart contract wallets that can execute transactions and shift funds.