CertiK’s March 2026 security report confirms $59,509,931 lost to exploits, phishing, and scams – with just $21,912 returned. That is a recovery rate of 0.04%.
Wallet compromise led all categories at $26,846,293, followed closely by phishing at $21,408,097. Together the two account for over 80% of March’s total losses. By attack type, DeFi protocols suffered the most at $32.8M, followed by social engineering at $18M.
The single largest exploit was Resolv, which lost $26,846,293 to a wallet compromise.
Zooming out, Q1 2026 closed with $501M in confirmed losses across 145 incidents per CertiK. That figure represents a significant drop from Q1 2025’s $1.67B, though the comparison requires context. Last year’s total was heavily distorted by the $1.4B Bybit hack.
Excluding that single incident, the quarter-on-quarter improvement looks considerably less reassuring.
Also Read: Bitcoin Monthly Close: 5 Months In the Red, But Bulls Are Watching THIS Signal
As the report dropped, a live incident was already unfolding. An unknown Kraken user lost $18.2M in a suspected social engineering attack, with the threat actor bridging stolen funds from Ethereum to Bitcoin via THORChain. The incident was flagged by on-chain investigator ZachXBT.
The Kraken victim was not compromised through a technical exploit. According to ZachXBT, the attacker used social engineering to manipulate the user into surrendering access to their funds.
The Kraken attacker is routing stolen funds through THORChain, the decentralised cross-chain protocol that has appeared repeatedly as the laundering route of choice in major 2026 thefts. THORChain is permissionless by design, which means there is no mechanism to freeze or intercept funds once they are in motion.
Social engineering has replaced code exploits as the dominant attack vector in 2026. The Kraken incident is a direct illustration of that shift.
Users should enable hardware wallets, multi-factor authentication, and verify all communications to prevent social engineering and unauthorized access.
As social engineering overtakes technical exploits, investors may face higher personal risk, increasing demand for user education and security-focused services.
Individual users and smaller DeFi participants are most at risk, as attackers exploit human error rather than weaknesses in blockchain code.
CoinPedia has been delivering accurate and timely cryptocurrency and blockchain updates since 2017. All content is created by our expert panel of analysts and journalists, following strict Editorial Guidelines based on E-E-A-T (Experience, Expertise, Authoritativeness, Trustworthiness). Every article is fact-checked against reputable sources to ensure accuracy, transparency, and reliability. Our review policy guarantees unbiased evaluations when recommending exchanges, platforms, or tools. We strive to provide timely updates about everything crypto & blockchain, right from startups to industry majors.
All opinions and insights shared represent the author's own views on current market conditions. Please do your own research before making investment decisions. Neither the writer nor the publication assumes responsibility for your financial choices.
Sponsored content and affiliate links may appear on our site. Advertisements are marked clearly, and our editorial content remains entirely independent from our ad partners.
The XP token isn’t cooling off quietly. After exploding 300% from roughly $0.019 to $0.082…
Something weird is happening around Ozone Chain and its token OZO. While heavyweight AI and…
AI coins are ripping again, and no, this isn’t one of those overnight “next big…
The Solana price prediction faces new pressure as SOL fell to $85.45 during a wider…
Dash has emerged as one of the top-performing cryptos over the past 24 hours, recording…
Ethereum price action is beginning to flash fresh warning signs as a combination of whale…
