CertiK Identifies Deepfakes, Phishing, and Supply Chain Breaches as Top Crypto Security Threats for 2026
As cryptocurrency hacks surged dramatically in April, blockchain security firm CertiK emphasizes the critical importance of fundamental security measures for crypto users.

According to Natalie Newson, senior blockchain investigator at CertiK, the cryptocurrency industry should brace for major security breaches in 2026 stemming from real-time deepfake technology, phishing schemes, supply chain infiltrations, and vulnerabilities in cross-chain operations.
So far in 2026, the crypto sector has already seen losses exceeding $600 million from hacking incidents, with the bulk of these losses traced to two major cryptocurrency thefts in April linked to North Korea. These were the Kelp DAO breach on Saturday, in which $293 million was stolen through a single point-of-trust vulnerability in the infrastructure of the cross-chain messaging protocol LayerZero, and the Drift Protocol attack, which cost $280 million.
An additional attack attributed to DPRK-affiliated actors demonstrated the use of artificial intelligence for social engineering purposes. On April 15, cryptocurrency wallet provider Zerion disclosed that hackers with ties to North Korea deployed AI technology in an extended social engineering campaign, successfully extracting approximately $100,000 from the company's hot wallet infrastructure.
Newson cautioned that the rapid advancement of artificial intelligence will, "in some aspects," worsen the severity of attacks targeting cryptocurrency platforms.
"The best way for investors to protect themselves is to be aware of the current threats they may face... For instance, to protect yourself against phishing, always verify the authenticity of URLs and smart contracts," Newson said.
As exploit techniques grow increasingly sophisticated, Newson recommended that retail investors consider storage alternatives beyond traditional cryptocurrency exchanges.
"Using cold wallets can help keep assets that you don't use regularly safe and allows you to sign transactions without ever exposing your private keys," she said.
AI could be used to defend against attacks
"There are now more convincing deepfakes, autonomous attack agents, and 'agentic AI' that can autonomously scan smart contracts for bugs, draft exploit code and execute attacks at machine speed," she said.
On April 6, Cointelegraph reported that a threat actor known as "Jinkusu" was allegedly selling cybercrime tools designed to bypass Know Your Customer (KYC) checks at banks and crypto platforms, using deepfakes and voice manipulation.
"At the same time, AI can also be one of the biggest defenses," said Newson.
A recent Cointelegraph report highlighted how the growing adoption of AI has resulted in a substantial increase in bug bounty program submissions, including both legitimate and fraudulent entries. Anthropic's AI model Claude Mythos, which purports to possess capabilities for discovering security flaws in major operating systems, has been distributed on a defensive basis to a select group of technology companies.
Regulators are escalating in response
In December 2025, CertiK disclosed to Cointelegraph that cryptocurrency hackers had successfully stolen $3.3 billion throughout 2025.
According to the security firm, supply-chain compromises represented the most destructive category of threats, responsible for $1.45 billion in stolen funds across merely two separate incidents, with the $1.4 billion Bybit hack in February 2025 being the most significant.
"The Bybit exploit signals that well-capitalized, well-coordinated threat actors are becoming more active across the ecosystem," the report said, predicting a rise in the "sophistication" of supply chain attacks as attackers target more infrastructure providers.
Regulatory bodies are taking action in response. On Thursday, April 9, the US Department of the Treasury's Office of Cybersecurity and Critical Infrastructure Protection (OCCIP) announced that it is expanding its cybersecurity threat identification program to include digital asset companies.