certik

Web3 security company CertiK has released the "Skynet North Korea Cyber Threat Report." The data shows that since 2016, North Korean hacker groups have plundered approximately $6.75 billion in digital assets. In 2025 alone, the losses from thefts they orchestrated reached as high as $2.06 billion, accounting for nearly 60% of the total losses in the global cryptocurrency industry for the entire year (including the $1.5 billion Bybit theft case). As of early 2026, this threat trend continues, with losses accounting for about 55%.The report emphasizes that the attack patterns of North Korean hackers have undergone a fundamental shift, evolving from simple code vulnerability exploitation to a national-level attack system that combines social engineering, deep supply chain attacks, and "physical infiltration." In the recent Drift protocol incident, attackers even spent six months lurking at offline industry conferences, establishing trust through real funds and interpersonal interactions before executing their attack.CertiK security experts warn that in the face of such systemic attacks, simple technical defenses have become weak. Cryptocurrency institutions urgently need to fully implement a "zero trust" hiring model, strengthen third-party supply chains, establish fund circuit breaker mechanisms, and collaborate with professional security organizations to build a comprehensive lifecycle defense system covering code audits, round-the-clock risk monitoring, and on-chain anti-money laundering/KYT (Know Your Transaction) fund tracking.

According to a report by The Block, the crypto security firm CertiK released a report today indicating that in the first four months of 2026, there have been 34 confirmed cases of crypto "ransom attacks" globally (i.e., offline physical assaults and extortion targeting crypto asset holders), an increase of 41% compared to the same period in 2025, with total losses for victims amounting to approximately $101 million. If the trend continues, the total number of incidents for the year is expected to reach around 130, with losses potentially soaring to hundreds of millions of dollars.In terms of geographical distribution, out of the 34 incidents, 28 (82%) occurred in Europe, with France being particularly notable, having recorded 24 incidents in just the first four months of 2026, surpassing the total of 20 incidents for the entire year of 2025. CertiK attributes this to France's hosting of flagship crypto companies like Ledger and Binance, frequent data breaches, and a prevalent culture of "showing off wealth and doxxing" within the community. In contrast, the number of reported incidents in the United States dropped from 9 in 2025 to 3 in the first quarter, while Asia saw a decrease from 25 to 2.Regarding attack patterns, CertiK pointed out that criminal groups have shifted to a "data-driven targeting" model, reducing the need for on-site reconnaissance by purchasing victims' names, addresses, and asset information from data intermediaries. This year, over half of the incidents involved threats or direct harm to victims' family members (spouses, children, elderly parents) as a means of exerting pressure. In terms of execution, small groups of 3 to 5 individuals typically operate through

According to CertiK Alert monitoring, the total losses from cryptocurrency security incidents in the month of 2026 amounted to approximately $651 million, of which about $3.5 million originated from phishing attacks. This is the highest single-month loss recorded since 2022, second only to the Bybit theft incident in 2025.

CertiK and RootData announced a strategic partnership to jointly launch a dual benchmark brand program focused on security and transparency, aiming to make "security + transparency" a dual hard indicator of the trust system in the Web3 industry.It is reported that CertiK is a global leader in Web3 security services, and its Skynet platform conducts multidimensional security assessments of projects through a security scoring system; RootData is an industry-leading Web3 asset data platform that has innovatively constructed a transparency scoring model covering dimensions such as token economics, team background, and compliance audits.In this collaboration, CertiK will leverage RootData's standardized data interface to enrich the data dimensions and coverage of security ratings; RootData will rely on CertiK's professional security assessment capabilities to inject authoritative calibration basis into its transparency scoring. Both parties will jointly promote the "CertiK Skynet Score + RootData Transparency Score" dual assessment standard, providing a reliable reference benchmark that combines security and transparency for project parties, exchanges, investment institutions, and users.

According to monitoring by blockchain security firm CertiK, the Wasabi Protocol has experienced a security breach, with approximately $2.9 million in funds stolen. Preliminary investigations indicate that the attacker gained privileged roles after compromising the wallet deployed by Wasabi, subsequently carrying out the attack.The stolen funds are currently dispersed across the following addresses: 0xb8Bb...70dB (approximately $677,000) and 0x6244...f906 (approximately $1.1 million), and the incident is still under investigation.

According to market news, attackers launched an attack on Syndicate by infiltrating the Commons cross-chain bridge. The related address acquired approximately 18.5 million SYND tokens and sold them for a profit of about $330,000, with the funds having been transferred to Ethereum.

Web3 security company CertiK released the report "2026 Digital Asset Regulatory Status," systematically outlining global regulatory trends. The report indicates that by 2026, the regulatory frameworks in major jurisdictions will have basically been established, and the industry is entering a phase of full compliance. The report shows that anti-money laundering enforcement has replaced the definition of securities attributes as the primary regulatory risk, with global anti-money laundering-related fines exceeding $900 million in the first half of 2025, and transaction monitoring capabilities becoming a core compliance requirement.At the same time, smart contract security audits are evolving from industry best practices to entry requirements, becoming essential for license approval and token listings. Additionally, global stablecoin regulatory frameworks are becoming more consistent, generally establishing principles such as full reserves and licensed issuance; however, differences in cross-jurisdictional regulation still pose compliance challenges. The report points out that with regulatory convergence and strengthened enforcement, the industry has entered the "strong compliance era." CertiK states that the core issue facing enterprises is shifting from "Are we compliant?" to "Can we quickly build and implement compliance capabilities?" Licensing in multiple regions, investments in anti-money laundering, and ongoing security audits are becoming the foundational thresholds for institutional development.

According to CertiK senior blockchain investigator Natalie Newson, real-time deepfakes, phishing, supply chain attacks, and cross-chain vulnerabilities will be the main sources of crypto hacking attacks.To date, the industry has lost over $600 million due to hacking attacks, including the $293 million vulnerability incident at Kelp DAO and the $280 million theft incident at Drift Protocol, both of which are related to North Korean hacker groups. Newson warned that the accelerated development of AI will make attack methods more complex, including more realistic deepfakes, autonomous attack agents, and "agent AI" that can automatically scan for vulnerabilities in smart contracts, but AI can also serve as a defense tool. CertiK advises investors to verify the authenticity of URLs and use cold wallets to store assets to reduce risk.

According to CertiK monitoring, the DeFi protocol Rhea Finance was attacked, with attackers extracting at least $7.6 million in total.The attackers misled the oracle and validation layer to complete the attack by creating fake token contracts and injecting liquidity into newly created funding pools.

Blockchain security company CertiK stated that in March 2026, a total of 46 security incidents were recorded, with total losses of approximately $39.8 million (excluding phishing). This is the highest number of recorded security incidents in a month since November 2024.CertiK also mentioned that after reaching a low point in the third quarter of 2025, the number of security incidents increased in the fourth quarter of 2025 and the first quarter of 2026, with the exploitation of code vulnerabilities becoming more frequent, possibly related to the rise of artificial intelligence.

According to CertiK's latest report, losses from cryptocurrency ATM scams in the U.S. will reach $333 million by 2025, with the FBI receiving over 12,000 complaints, a 33% increase year-on-year. CertiK points out that cryptocurrency ATMs can convert cash into cryptocurrency within 5 minutes, and the identity verification requirements are extremely low, making them the least frictional channel for scammers to withdraw funds.Among the victims, 86% are seniors aged 60 and above, primarily due to their liquid savings, lack of knowledge about cryptocurrency, and social isolation. The main scam tactics include pig butchering investment scams, government impersonation, tech support scams, grandparent scams, and fake debt collection services.The involvement of AI technology has made the situation even more severe. By 2025, AI-driven social engineering scams are expected to yield 4.5 times the profits of traditional methods, and real-time deepfake technology has been systematically integrated into scam operations. Transnational criminal organizations also operate with a corporate division of labor model, significantly increasing the difficulty of law enforcement tracking.

According to CertiK statistics, the total losses due to vulnerabilities in all security incidents in the cryptocurrency sector in February have been confirmed to be approximately $35.7 million, of which about $8.5 million is attributed to phishing attacks. This figure is the lowest monthly loss amount since March 2025.

According to the "2026 Skynet Prediction Market Report" released by CertiK, the trading volume of prediction markets is expected to grow to $63.5 billion in 2025, achieving a fourfold increase, with Kalshi, Polymarket, and Opinion becoming the dominant platforms. However, this growth in scale also brings new risks, including oracle vulnerabilities, administrator key abuse, and Web2.5 architecture issues.The report notes that prediction markets have been deemed legal financial products in the U.S. through CFTC rulings, but are banned in several EU countries as unauthorized gambling. Additionally, regulatory differences among U.S. states may further complicate compliance. In December 2025, a security incident involving Polymarket's third-party certification provider exposed centralized failure points in the hybrid Web2/Web3 architecture.The research also estimates that during the peak of airdrops, manual trading volume on some platforms reached 60%, severely distorting liquidity metrics. CertiK predicts that in 2026, prediction markets will see enhanced technical privacy and accelerated institutional adoption, but platforms must simultaneously address issues such as liquidity maintenance, security infrastructure development, and the sustainability of revenue models to achieve long-term growth.

According to Decrypt, the latest report from blockchain security company CertiK shows a surge in physical attacks (i.e., "violent attacks") targeting cryptocurrency holders in 2025, with a total of 72 recorded incidents throughout the year, a 75% increase year-on-year, resulting in losses exceeding $40.9 million.The report states that such attacks have evolved from fringe risks to structural threats, with kidnapping becoming the most common method, and personal assault incidents increasing by 250% year-on-year. There has been a significant change in the geographic distribution of attacks: Europe has become the hardest-hit region, accounting for over 40% of global incidents, with France leading the world with 19 incidents; the U.S. share has drastically dropped from 36.6% in 2024 to 12.5%; Asia still accounts for about 33.3% of high-risk areas.CertiK recommends that individual users adopt defensive strategies such as setting up decoy wallets, geographically isolating recovery phrases from hardware wallets, and reducing their public cryptocurrency footprint; institutions and high-net-worth individuals should consider implementing multi-signature wallet structures, setting up time-lock smart contracts, and developing executive protection protocols.

The blockchain security audit company CertiK is exploring the possibility of an initial public offering (IPO), with a target valuation of approximately $2 billion. CertiK co-founder and Columbia University computer science associate professor Ronghui Gu stated in an interview this week in Davos, Switzerland, that while a specific timeline for the IPO has not yet been established, it has become a clear goal for the company.Founded in 2018 and headquartered in New York, CertiK primarily provides smart contract auditing and security services for blockchain projects. Ronghui Gu revealed that CertiK has served over 5,000 clients, with the assets protected by audited code amounting to approximately $600 billion. The company's most recent funding round occurred in 2022, when CertiK's valuation reached $2 billion in a Series B3 funding round led by Insight Partners, Tiger Global, and Advent International, raising $88 million.Ronghui Gu stated that Binance is CertiK's earliest and currently largest financial supporter, with other investors including Coinbase and SoftBank. Earlier this month, CertiK also announced a strategic partnership with YZi Labs, a family office affiliated with CZ. Ronghui Gu mentioned that Binance recently made an investment in CertiK in the tens of millions of dollars range.

According to CertiK monitoring, 193 suspicious transactions related to unverified contracts associated with SynapLogic have been detected.The attacker borrowed 1 ETH using a flash loan to mint 16,000 SYP tokens by repeatedly calling the contract function, and then returned the ETH, with the operation coming from multiple newly created addresses.

According to CertiK Alert monitoring, the hacker who stole $282 million from a whale has cross-chain bridged part of the funds (approximately $63 million) to an address starting with 0xF73, and then proceeded with further money laundering operations.Earlier reports indicated that on-chain detective ZachXBT posted on social media stating that a certain whale victim lost over $282 million worth of Litecoin (LTC) and Bitcoin (BTC) due to a social engineering scam involving a hardware wallet.

CertiK Alert stated that suspicious transactions were detected in the Fusion PlasmaVault contract. During a withdrawal call, the newly configured "fuse" contract transferred all funds (approximately $267,000) to the EOA address 0x9b1b, which then cross-chain transferred the funds to Ethereum and deposited them into Tornado Cash.

According to CertiK monitoring, an unverified contract associated with the decentralized exchange TMX was attacked on the Arbitrum network, resulting in a loss of approximately $1.4 million.The hacker repeatedly executed the strategy of minting and staking TMX LP with USDT, exchanging USDT for USDG, unstaking, and selling more USDG, in order to drain the USDT, wrapped SOL, and WETH assets from the contract.