Global cryptocurrency hacking losses have seen a significant reduction in the first part of 2026, with the total amount of funds stolen falling to $772 million by April. This figure represents a substantial 55% decrease when compared to the $1.71 billion lost by the same point in 2025. The data, highlighted by crypto commentator Haseeb, suggests a potential shift in the landscape of digital asset security.
The current annualized projection for 2026 indicates total losses around $2.3 billion, which would be slightly below the $2.55 billion recorded for the full year 2025. "Turns out, the total amount of funds hacked in 2026 is actually below where we were this point in 2025 ($772M vs $1.71B by April 2025)," Haseeb stated in the tweet. This trend points to a possible improvement in security measures or a change in attacker tactics.
A major contributor to the elevated figures in 2025 was the Bybit exchange hack, which Haseeb referred to as "The giga-bar in 2025." On February 21, 2025, Bybit suffered a security breach resulting in the theft of approximately $1.4 billion to $1.5 billion in Ethereum (ETH), making it one of the largest cryptocurrency heists to date. This incident, attributed to North Korea's Lazarus Group, exploited vulnerabilities in a third-party multi-signature wallet system.
Industry reports from 2025 indicated a trend of fewer but larger-scale hacking incidents, with North Korean state-sponsored groups frequently implicated in high-value attacks. These sophisticated threat actors often target private keys and seed phrases, posing persistent challenges for crypto exchanges and DeFi protocols. The Bybit hack underscored the critical need for robust security infrastructure and continuous vigilance against evolving cyber threats.
While the year-to-date decline in 2026 is a positive sign for the crypto ecosystem, the ongoing threat from sophisticated attackers remains a significant concern. The industry continues to invest in enhanced security protocols and regulatory frameworks to protect digital assets and foster a more secure environment for users and investors. The focus remains on preventing high-impact operations before they can inflict substantial financial damage.
