{"id":26556,"date":"2026-04-21T21:07:57","date_gmt":"2026-04-21T21:07:57","guid":{"rendered":"https:\/\/bitunikey.com\/news\/crypto-hacks-top-17b-in-a-decade-as-attackers-pivot-from-code-to-keys\/"},"modified":"2026-04-21T21:08:21","modified_gmt":"2026-04-21T21:08:21","slug":"crypto-hacks-top-17b-in-a-decade-as-attackers-pivot-from-code-to-keys","status":"publish","type":"post","link":"https:\/\/bitunikey.com\/news\/crypto-hacks-top-17b-in-a-decade-as-attackers-pivot-from-code-to-keys\/","title":{"rendered":"Crypto hacks top $17b in a decade as attackers pivot from code to keys"},"content":{"rendered":"<p><\/p>\n<div class=\"post-detail__content blocks\">\n<p class=\"is-style-lead\">DefiLlama logs 518 crypto hacks and over $17b in losses in 10 years, with attackers shifting from smart contracts to keys, bridges and wallets, as rsETH loses ~$290m.<\/p>\n<div id=\"cn-block-summary-block_22a3000125efe0cd9c46c0b1bd0c2673\" class=\"cn-block-summary\">\n<div class=\"cn-block-summary__nav tabs\">\n        <span class=\"tabs__item is-selected\">Summary<\/span>\n    <\/div>\n<div class=\"cn-block-summary__content\">\n<ul class=\"wp-block-list\">\n<li>DefiLlama has logged 518 crypto hacking incidents over the past 10 years, with total losses above $17 billion.<\/li>\n<li>A growing share of that damage comes from private key leaks, phishing and credential theft rather than pure smart contract bugs.<\/li>\n<li>The latest example is Kelp DAO\u2019s rsETH bridge exploit, which drained about 116,500 rsETH worth roughly $290\u2013$293 million \u2014 2026\u2019s largest DeFi hack so far.<\/li>\n<\/ul><\/div>\n<\/div>\n<p><!-- .cn-block-summary --><\/p>\n<p>Crypto\u2019s security bill over the past decade has quietly climbed past $17 billion, according to DefiLlama data cited by Cointelegraph, with at least 518 documented hacks and exploits hitting exchanges, DeFi protocols, bridges and wallets since 2014. That figure captures everything from early exchange blow\u2011ups to today\u2019s sophisticated cross\u2011chain attacks, and it comes even as the overall pace of large on\u2011chain exploits has slowed from peak\u2011mania years like 2021\u20132022.<\/p>\n<h2 class=\"wp-block-heading\">A decade of $17b in crypto losses<\/h2>\n<p>Under the surface, however, the composition of those losses is shifting. Where early DeFi hacks often hinged on smart contract bugs and unchecked flash\u2011loan logic, recent incidents show attackers increasingly targeting the soft tissue around crypto \u2014 private keys, signing infrastructure and user devices \u2014 with credential theft, social engineering and SIM\u2011swap\u2011style attacks. Security firms told Cointelegraph that they expect 2026 to bring more advanced phishing and AI\u2011assisted scams capable of tricking even technically savvy users into signing malicious transactions or revealing seed phrases.<\/p>\n<p>    <!-- .cn-block-related-link --><\/p>\n<h1 class=\"wp-block-heading\" id=\"from-smart-contracts-to-bridges-and-wallets\">From smart contracts to bridges and wallets<\/h1>\n<p>Bridge infrastructure has been a particular weak point. DefiLlama\u2019s hacks dashboard shows that bridges account for almost $3 billion of the roughly $11.8 billion it categorises as \u201ctotal value hacked,\u201d with large single incidents like the Ronin, Wormhole and Multichain exploits setting the tone for cross\u2011chain risk. The latest addition to that list is Kelp DAO\u2019s rsETH cross\u2011chain bridge, which was hit on April 18 after an attacker forged a cross\u2011chain message on a LayerZero\u2011based link and minted or released 116,500 rsETH to an attacker\u2011controlled address.<\/p>\n<p>Those tokens \u2014 representing \u201crestaked\u201d Ether \u2014 were worth about $290\u2013$293 million at the time, or roughly 18% of rsETH\u2019s total supply, and have been called the largest DeFi exploit of 2026 so far by outlets including Bloomberg. The incident forced Kelp DAO to pause the bridge, coordinate emergency responses with exchanges and protocols, and sparked a blame game over LayerZero\u2019s default single\u2011validator configuration, which critics argue left the system effectively one\u2011key\u2011away from catastrophic minting.<\/p>\n<p>Even away from headline\u2011grabbing exploits, everyday credential compromises continue to rack up damage. DefiLlama data cited by Cointelegraph shows that in the first quarter of 2026 alone, hackers stole about $168.6 million from 34 DeFi protocols, with the largest single hit \u2014 a $40 million Step Finance theft \u2014 traced back to a private key compromise rather than a pure code bug. That trend suggests DeFi\u2019s smart contract security is slowly hardening, while attackers respond by moving upstream into the tools and human processes that sit between wallets and protocols.<\/p>\n<p>For users and teams, the lesson is brutal but clear: audits and formal verification are necessary, but not sufficient. Hardware keys, multi\u2011sig schemes, segregated signing devices, strict key\u2011management policies, and relentless phishing hygiene are now as critical to safeguarding crypto as gas optimisations and bug bounties ever were \u2014 because it only takes one compromised credential to turn another line in DefiLlama\u2019s hacks database into a nine\u2011figure loss.<\/p>\n<p>    <!-- .cn-block-related-link --><\/p><\/div>\n","protected":false},"excerpt":{"rendered":"<p>DefiLlama logs 518 crypto hacks and over $17b in losses in 10 years, with attackers shifting from smart contracts to keys, bridges and wallets, as rsETH loses ~$290m. Summary DefiLlama&hellip;<\/p>\n","protected":false},"author":1,"featured_media":16591,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-26556","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cryptocurrency"],"_links":{"self":[{"href":"https:\/\/bitunikey.com\/news\/wp-json\/wp\/v2\/posts\/26556","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/bitunikey.com\/news\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/bitunikey.com\/news\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/bitunikey.com\/news\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/bitunikey.com\/news\/wp-json\/wp\/v2\/comments?post=26556"}],"version-history":[{"count":1,"href":"https:\/\/bitunikey.com\/news\/wp-json\/wp\/v2\/posts\/26556\/revisions"}],"predecessor-version":[{"id":26557,"href":"https:\/\/bitunikey.com\/news\/wp-json\/wp\/v2\/posts\/26556\/revisions\/26557"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/bitunikey.com\/news\/wp-json\/wp\/v2\/media\/16591"}],"wp:attachment":[{"href":"https:\/\/bitunikey.com\/news\/wp-json\/wp\/v2\/media?parent=26556"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/bitunikey.com\/news\/wp-json\/wp\/v2\/categories?post=26556"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/bitunikey.com\/news\/wp-json\/wp\/v2\/tags?post=26556"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}