Crypto Exploit Losses Reach $68 Million In May Despite Limited Phishing Damage
Code vulnerabilities had been answerable for the majority of the injury in May — roughly 66% of the month’s whole losses, or about $45 million.
That breakdown, drawn from information launched by blockchain safety agency CertiK, got here alongside broader figures exhibiting that overall crypto exploit losses fell to $68 million final month, down sharply from $650 million in April.
Where The Losses Came From
Cross-chain bridges took the heaviest hit by class, accounting for 42% of whole losses, or $28.6 million. The greatest single incident was an exploit of Verus Protocol’s cross-chain bridge on May 18, which drained $11.5 million. THORChain was subsequent, shedding $10 million after an assault in mid-May pressured the protocol to halt buying and selling.
Wallet and personal key compromises ranked second by way of greenback injury, with $13.7 million stolen by way of that methodology. DeFiLlama information counted practically 30 separate incidents in May, seven of which concerned compromised personal keys.
The last two reported incidents got here on May 30 — the Alephium Bridge and Gravity Bridge had been every hit, shedding $815,000 and $5.4 million respectively.
Combining all of the incidents in May we’ve confirmed ~$68.3M misplaced to exploits with
~$2.6M of the overall attributed to phishing.After a very unhealthy April, May is now the third month of 2026 to document losses below 100M$.
More particulars under
pic.twitter.com/GSWTLKXWDH
— CertiK Alert (@CertiKAlert) May 31, 2026
Crypto: A New Threat Takes Shape
Phishing assaults had been comparatively minor, answerable for simply $2.6 million of the month’s losses. About $9.4 million was recovered or returned throughout the interval. CertiK famous that May marks the third month of 2026 through which whole losses stayed under $100 million.
April’s toll, against this, was the worst since March 2022 if the $1.5 billion Bybit hack in February 2025 is put aside. A single exploit of Kelp DAO that month accounted for $291 million of the injury.
AI-Assisted Malware On The Rise
A separate however rising risk emerged in May as unhealthy actors started utilizing synthetic intelligence to develop malware aimed toward crypto and AI builders.
Attacks focused code repositories and tried to trick AI-powered coding assistants into executing malicious actions — a tactic that broadens the assault floor past conventional sensible contract flaws.
May’s comparatively decrease losses don’t imply the risk has handed. Bridges and code vulnerabilities stay the 2 most exploited areas within the house, and the introduction of AI-assisted assault instruments indicators that the strategies getting used in opposition to the business are nonetheless altering.
Featured picture from Unsplash, chart from TradingView
