iOS & Android

2026 First Half Web3 Security Report: Attack Frequency Surges 107%, $1.39 Billion Vanished

Author: Beosin

1. Web3 Blockchain Security Landscape Overview for H1 2025

According to Beosin Alert monitoring data, a total of 187 security incidents occurred in the global blockchain space in the first half of 2026, with cumulative losses of approximately $1.390 billion. The frequency of security incidents increased by 107.7% compared to the same period last year, while the total loss amount dropped by 35%. Although loss amounts decreased in the first half of this year, on-chain attacks remain frequent, and the blockchain sector continues to face severe security challenges.

2. Losses by Chain

Ethereum remains the hardest-hit area, with 79 attacks causing approximately $492 million in losses, making it the public chain with the highest loss amount and the most attack incidents.

Solana became the second-highest loss chain, with total losses of about $328 million, due to the massive loss from the Drift Protocol security incident and other DeFi attacks.

The Bitcoin network ranks third, with a whale losing approximately $282 million to a social engineering attack.

3. Types of Targeted Projects

DeFi was the most frequently attacked type and suffered the highest losses. In the first half of 2026, there were 64 DeFi security incidents, accounting for 34.22% of the total incidents, with losses reaching $468 million.

It is worth noting that attacks targeting ordinary users, tokens, and unknown contracts occurred frequently in the first half of this year, with losses reaching $337 million and $303 million respectively, a surge of approximately 274% compared to the same period last year.

4. Analysis of Attack Causes

Social engineering attacks became the top threat, causing total losses of approximately $630 million from attacks targeting project teams and individual whales. Security incidents caused by contract vulnerabilities numbered 94, with total losses of about $713 million; the loss amount remained flat compared to the same period last year, but the frequency increased by 49.21%. In the first half of this year, losses from private key leaks remained roughly flat compared to the same period last year, totaling $99.41 million, with frequency also increasing.

5. Loss Scale Analysis

In the first half of the year, there were 4 security incidents with losses exceeding $100 million (KelpDAO loss of approximately $290 million, Drift Protocol loss of approximately $285 million, an individual whale loss of approximately $282 million, and DSJ Exchange Rug Pull loss of approximately $150 million). The top 10 security incidents accounted for a total loss of about $1.166 billion, representing 83.89% of the total losses.

Additionally, Beosin security team discovered multiple attacks on tokens or old contracts, with BNB Chain experiencing the most at 33 incidents. The loss scale ranged from $10,000 to several hundred thousand dollars. It is speculated that attackers may use AI technology to scan and screen such old contracts in batches, and incidents of this scale are expected to occur more frequently in the future.

6. Security Landscape Summary

Compared with the first half of 2025, losses from attack incidents this half dropped by about 35%. However, if we exclude last year’s single extreme loss of $1.44 billion from the Bybit hack, losses in the first half of this year are severe, concentrated in on-chain ecosystem projects and ordinary users, whose security protections are weaker than those of exchanges. The loss amount for exchanges fell sharply in the first half of this year, but the number of attacks and loss amounts on mainstream public chain ecosystems increased overall.

The most damaging attack in the first half of the year was the KelpDAO hack, which had an enormous negative impact on the DeFi ecosystem. After the attack, the attacker borrowed WETH through lending protocols, leaving users of those protocols with bad debt, including over $200 million in bad debt for Aave. To avoid bearing the bad debt, users began a panicked withdrawal of funds from Aave, placing huge pressure on the liquidity and prices of other crypto assets.

By project type, attack incidents span all areas of Web3: exchanges, DeFi, personal wallets, infrastructure, token contracts, oracles, and more. All Web3 project teams and individual users need to stay vigilant by storing private keys offline, using multi-signature, exercising caution with third-party services, and providing regular security training for privileged employees.

Note*: The above statistical scope includes only publicly traceable on-chain stolen assets. It does not cover small-scale phishing losses, undisclosed internal corporate theft, and other data. Actual loss figures are higher than the reported values.