After a particularly damaging April, losses from hacks and exploits in the decentralized finance (DeFi) space decreased significantly in May. According to data from blockchain security firm CertiK, these losses fell from almost $650 million in April to $68.3 million in May. This makes May the third month of the year to see exploit-related losses below $100 million.
CertiK reported on X that phishing scams caused around $2.6 million in losses during May, but about $9.4 million was either recovered or returned to those affected. They also highlighted that May was the third month this year with crypto exploit losses under $100 million. However, security experts caution that a decrease in losses doesn’t mean a decrease in danger, as attackers are constantly finding new ways to exploit vulnerabilities in various platforms.
🚨 Security Alert from CertiK: In May, confirmed exploits resulted in approximately $68.3 million in losses, with $2.6 million of that due to phishing attacks. While April was worse, May marks the third month this year with exploit losses under $100 million. See details below for more information. 👇
— CertiK Alert (@CertiKAlert) May 31, 2026
Bridge attacks lead monthly losses
Although cryptocurrency losses due to hacks and scams decreased in May, criminals still focused on key parts of the crypto world. Bridges between different blockchains and decentralized finance (DeFi) platforms were especially at risk, and several significant attacks showed that security problems continue to exist.
May saw two significant cryptocurrency hacks. Verus Protocol lost around $11.5 million on May 18th due to a vulnerability in its cross-chain bridge, and THORChain experienced a separate hack resulting in approximately $10.1 million in losses.
In May, attacks on cross-chain bridges resulted in about $28.6 million in losses, representing almost 42% of all attacks. Decentralized finance (DeFi) platforms remained a target, with attackers focusing on systems with significant funds available.
Most of the financial damage came from weaknesses in code. Hackers took advantage of flaws in software to steal roughly $45 million – nearly two-thirds of all losses. Another $13.7 million was lost because of compromised wallets and private keys, highlighting that both software bugs and mistakes made by users continue to be major ways attackers gain access.
Lazarus expands its malware playbook
Security experts have identified new threats beyond just weaknesses in the underlying technology. A researcher at CertiK connected a recent malware attack to the Lazarus Group, a hacking organization believed to be based in North Korea. This attack, named “Mach-O Man,” specifically targets people using macOS who work with cryptocurrency or in the financial industry.
The Lazarus Group has recently launched a new malware kit called “Mach-O Man” specifically designed for macOS devices. It targets companies in the financial technology and cryptocurrency sectors, as well as high-profile executives. The attack typically begins with a seemingly urgent meeting invitation sent via Telegram, leading to a deceptive website disguised as a legitimate Zoom, Teams, or Google Meet platform.
— Vladimir S. | Officer’s Notes (@officer_secret) April 21, 2026
Attackers are using Telegram to trick people with fake meeting invites. When victims click the links in these invites, they’re directed to bogus video call pages that secretly install harmful software on their devices. This allows the attackers to gain control of the device and steal private information.
AI raises new security concerns
According to security professionals, artificial intelligence is fueling an increase in crypto attacks, making them both quicker and more difficult to prevent. So far this year, hackers have stolen around $16.56 billion worth of cryptocurrency. A significant portion of these losses – $7.78 billion – occurred within the decentralized finance (DeFi) sector, and exploits targeting crypto bridges accounted for another $3.24 billion.
According to OpenZeppelin founder Manuel Aráoz, artificial intelligence is changing the game in cybersecurity. He explains that AI-powered tools are incredibly effective at discovering weaknesses in code, and the current situation with smart contract security is unbalanced. Security teams have to address *every* flaw, while attackers only need to find a single vulnerability to cause damage.
Even with better security measures, experts believe this existing problem could continue to leave cryptocurrency platforms vulnerable to threats.
Read More
- USD PHP PREDICTION
- Gold Rate Forecast
- USD MXN PREDICTION
- Brent Oil Forecast
- USD CNY PREDICTION
- GBP CNY PREDICTION
- EUR USD PREDICTION
- EUR CNY PREDICTION
- Senate’s CLARITY Act: A July 4th Fireworks Display or Political Fire Sale?
- JPY KRW PREDICTION
2026-06-01 10:29