{"id":97597,"date":"2026-06-01T21:03:01","date_gmt":"2026-06-01T21:03:01","guid":{"rendered":"https:\/\/dogewisperer.com\/?p=97597"},"modified":"2026-06-01T21:03:01","modified_gmt":"2026-06-01T21:03:01","slug":"crypto-exploit-losses-reach-68-million-in-may-despite-limited-phishing-damage","status":"publish","type":"post","link":"https:\/\/dogewisperer.com\/?p=97597","title":{"rendered":"Crypto Exploit Losses Reach $68 Million In May Despite Limited Phishing Damage"},"content":{"rendered":"<div>\n<p>Code vulnerabilities were responsible for the bulk of the damage in May \u2014 roughly 66% of the month\u2019s total losses, or about $45 million.<\/p>\n<p>That breakdown, drawn from data released by blockchain security firm CertiK, came alongside broader figures showing that <a href=\"https:\/\/x.com\/CertiKAlert\/status\/2061055092686758378\" rel=\"nofollow\">overall crypto exploit losses<\/a> fell to $68 million last month, down sharply from $650 million in April.<\/p>\n<h2>Where The Losses Came From<\/h2>\n<p>Cross-chain bridges took the heaviest hit by category, accounting for 42% of total losses, or $28.6 million. The biggest single incident was an exploit of Verus Protocol\u2019s cross-chain bridge on May 18, which drained $11.5 million. THORChain was next, losing $10 million after an attack in mid-May forced the protocol to halt trading.<\/p>\n<p>Wallet and private key compromises ranked second in terms of dollar damage, with $13.7 million stolen through that method. DeFiLlama data counted nearly 30 separate incidents in May, seven of which involved compromised private keys.<\/p>\n<p>The final two reported incidents came on May 30 \u2014 the Alephium Bridge and Gravity Bridge were each hit, losing $815,000 and $5.4 million respectively.<\/p>\n<blockquote class=\"twitter-tweet\">\n<p dir=\"ltr\" lang=\"en\"><a href=\"https:\/\/x.com\/hashtag\/CertiKStatsAlert?src=hash&amp;ref_src=twsrc%5Etfw\" rel=\"nofollow\">#CertiKStatsAlert<\/a> <img decoding=\"async\" src=\"https:\/\/s.w.org\/images\/core\/emoji\/17.0.2\/72x72\/1f6a8.png\" alt=\"\ud83d\udea8\" class=\"wp-smiley\" style=\"height: 1em; max-height: 1em;\"><\/p>\n<p>Combining all the incidents in May we\u2019ve confirmed ~$68.3M lost to exploits with<br \/>\n~$2.6M of the total attributed to phishing.<\/p>\n<p>After a particularly bad April, May is now the third month of 2026 to record losses under 100M$.<\/p>\n<p>More details below <img decoding=\"async\" src=\"https:\/\/s.w.org\/images\/core\/emoji\/17.0.2\/72x72\/1f447.png\" alt=\"\ud83d\udc47\" class=\"wp-smiley\" style=\"height: 1em; max-height: 1em;\"> <a href=\"https:\/\/t.co\/GSWTLKXWDH\" rel=\"nofollow\">pic.twitter.com\/GSWTLKXWDH<\/a><\/p>\n<p>\u2014 CertiK Alert (@CertiKAlert) <a href=\"https:\/\/x.com\/CertiKAlert\/status\/2061055092686758378?ref_src=twsrc%5Etfw\" rel=\"nofollow\">May 31, 2026<\/a><\/p>\n<\/blockquote>\n<h2>Crypto: A New Threat Takes Shape<\/h2>\n<p><a href=\"https:\/\/www.cloudflare.com\/learning\/access-management\/phishing-attack\/\" target=\"_blank\" rel=\"noopener nofollow\">Phishing<\/a> attacks were comparatively minor, responsible for just $2.6 million of the month\u2019s losses. About $9.4 million was recovered or returned during the period. <a href=\"https:\/\/www.certik.com\/\" target=\"_blank\" rel=\"noopener nofollow\">CertiK<\/a> noted that May marks the third month of 2026 in which total losses stayed below $100 million.<\/p>\n<p>April\u2019s toll, by contrast, was the worst since March 2022 if the $1.5 billion Bybit hack in February 2025 is set aside. A single exploit of Kelp DAO that month accounted for $291 million of the damage.<\/p>\n<p><img fetchpriority=\"high\" decoding=\"async\" class=\"size-full\" src=\"https:\/\/www.tradingview.com\/x\/Ywu0DmkC\/\" width=\"1814\" height=\"921\"><br \/>\nAI-Assisted Malware On The Rise<\/p>\n<p>A separate but growing threat emerged in May as bad actors began using artificial intelligence to develop <a href=\"https:\/\/www.cisco.com\/site\/us\/en\/learn\/topics\/security\/what-is-malware.html\" target=\"_blank\" rel=\"noopener nofollow\">malware<\/a> aimed at crypto and AI developers.<\/p>\n<p>Attacks targeted code repositories and attempted to trick AI-powered coding assistants into executing malicious actions \u2014 a tactic that broadens the attack surface beyond traditional smart contract flaws.<\/p>\n<p><img loading=\"lazy\" data-recalc-dims=\"1\" decoding=\"async\" class=\"aligncenter size-full wp-image-683101\" src=\"https:\/\/bitcoinist.com\/wp-content\/uploads\/2026\/06\/a.jpg?resize=1024%2C576\" alt=\"\" width=\"1024\" height=\"576\" srcset=\"https:\/\/bitcoinist.com\/wp-content\/uploads\/2026\/06\/a.jpg?w=3477 3477w, https:\/\/bitcoinist.com\/wp-content\/uploads\/2026\/06\/a.jpg?w=640 640w, https:\/\/bitcoinist.com\/wp-content\/uploads\/2026\/06\/a.jpg?w=768 768w, https:\/\/bitcoinist.com\/wp-content\/uploads\/2026\/06\/a.jpg?w=980 980w, https:\/\/bitcoinist.com\/wp-content\/uploads\/2026\/06\/a.jpg?w=1536 1536w, https:\/\/bitcoinist.com\/wp-content\/uploads\/2026\/06\/a.jpg?w=2048 2048w, https:\/\/bitcoinist.com\/wp-content\/uploads\/2026\/06\/a.jpg?w=750 750w, https:\/\/bitcoinist.com\/wp-content\/uploads\/2026\/06\/a.jpg?w=1140 1140w, https:\/\/bitcoinist.com\/wp-content\/uploads\/2026\/06\/a.jpg?w=3000 3000w\" sizes=\"auto, (max-width: 1000px) 100vw, 1000px\"><\/p>\n<p>May\u2019s relatively lower losses do not mean the threat has passed. Bridges and code vulnerabilities remain the two most exploited areas in the space, and the introduction of AI-assisted attack tools signals that the methods being used against the industry are still changing.<\/p>\n<p><em>Featured image from Unsplash, chart from TradingView<\/em><\/p>\n<\/div>\n","protected":false},"excerpt":{"rendered":"<p>Code vulnerabilities were responsible for the bulk of the damage in May \u2014 roughly 66% of the month\u2019s total losses, or about $45 million. That breakdown, drawn from data released by blockchain security firm CertiK, came alongside broader figures showing that overall crypto exploit losses fell to $68 million last month, down sharply from $650 [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"iawp_total_views":0,"footnotes":""},"categories":[2],"tags":[3,4,5],"class_list":["post-97597","post","type-post","status-publish","format-standard","hentry","category-news","tag-crypto","tag-doge","tag-news"],"_links":{"self":[{"href":"https:\/\/dogewisperer.com\/index.php?rest_route=\/wp\/v2\/posts\/97597","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/dogewisperer.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/dogewisperer.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/dogewisperer.com\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/dogewisperer.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=97597"}],"version-history":[{"count":0,"href":"https:\/\/dogewisperer.com\/index.php?rest_route=\/wp\/v2\/posts\/97597\/revisions"}],"wp:attachment":[{"href":"https:\/\/dogewisperer.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=97597"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/dogewisperer.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=97597"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/dogewisperer.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=97597"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}