May Crypto Security Breaches Plummet 90% to $68M, CertiK Reports
According to CertiK, May marks the third occasion in 2026 where cryptocurrency exploit losses have remained below the $100 million threshold.
The value of assets stolen from cryptocurrency platform exploits dropped to $68.3 million during May, representing a nearly 90% decrease compared to April's $650 million in losses, according to blockchain security firm CertiK.
"After a particularly bad April, May is now the third month of 2026 to record losses under [$100 million]," CertiK posted to X on Sunday.
Phishing attacks accounted for approximately $2.6 million of the total cryptocurrency theft in May, while around $9.4 million worth of stolen assets was either recovered or voluntarily returned, the security firm noted.
When excluding the massive $1.5 billion Bybit breach that occurred in February 2025, April represented the month with the greatest recorded losses since March 2022, with Kelp DAO's $291 million exploit being the most significant incident during that period.
The most substantial exploit in terms of financial damage last month occurred on May 18, when Verus Protocol's cross-chain bridge suffered an $11.5 million theft. The second-largest incident involved THORChain, which lost $10.1 million to an exploit in the middle of May.
Vulnerabilities in code represented the category responsible for the greatest value of losses throughout the month, accounting for approximately 66% of the total amount, which translates to roughly $45 million in stolen assets. Compromises involving wallets or private keys ranked as the second most expensive category, with $13.7 million in thefts.
In terms of targeting, cross-chain bridges bore the brunt of the attacks, suffering $28.6 million in losses, which equals 42% of the total monthly theft. Decentralized finance protocols came in as the second-most targeted category.
According to information from DeFiLlama data, May witnessed a total of 29 separate security incidents, with seven of those cases involving the compromise of private keys.
The two most recent security breaches, both documented on May 30, targeted the Alephium Bridge and Gravity Bridge platforms, which lost $815,000 and $5.4 million respectively as a result of compromised private keys.
Additionally, malware created with the help of artificial intelligence assistance has experienced an uptick, as bad actors focused their efforts on cryptocurrency and AI developers throughout May by infiltrating code repositories and manipulating AI coding assistants.