The crypto market saw a major drop in hack losses during May 2026. Blockchain security company CertiK said total losses from crypto attacks fell to $68.3 million during the month. This number marks a huge fall from April, when losses stood close to $650 million.
The report gave hope to many people in the crypto world after a very difficult April. Large hacks and scams had created fear across the market during the previous month. May brought a calmer period, though experts still warned that security problems remain serious.
CertiK said May became the third month this year where losses stayed below the $100 million mark. Even with this positive change, attackers still found ways to target weak systems, especially cross-chain bridges and projects with code flaws.
Big Drop After Heavy April Damage
April brought one of the worst months for crypto security in recent years. Several large attacks caused huge damage across different platforms. Many investors lost money, and some projects faced strong criticism after weak protection systems came to light.
May looked very different. The total value stolen during the month dropped by almost 90%. This sharp fall gave some relief to traders, developers, and companies that work in the crypto sector.
Security experts believe the lower number may show that many projects took stronger safety steps after the chaos in April. Some firms improved system checks, while others increased monitoring for unusual activity. Still, experts do not see this as the end of crypto crime.
Hackers continue to search for weak areas inside blockchain systems. Many attacks now focus on complex networks that move assets between different blockchains.
Cross-Chain Bridges Face Heavy Pressure
One of the biggest concerns in May came from attacks on cross-chain bridges. These systems help users move crypto assets from one blockchain to another. They play a major role in the crypto market because many projects depend on smooth transfers between networks.
CertiK said cross-chain bridge attacks caused about $28.6 million in losses during May. This amount made up around 42% of all crypto losses for the month.
Experts often describe cross-chain bridges as one of the weakest areas in crypto security. These systems contain complex code and connect different blockchain networks. A small mistake inside the code can open the door for attackers.
Hackers usually search for hidden flaws inside smart contracts or network rules. Once they find a weakness, they move quickly to steal funds before the issue becomes public.
Many developers now face pressure to improve bridge safety. Some companies already started deeper code reviews and stronger testing systems to stop future attacks.
Verus Protocol Attack Leads Monthly Losses
The largest crypto exploit during May targeted Verus Protocol. Attackers stole about $11.5 million from the platform through a cross-chain bridge exploit.
The incident showed once again how dangerous bridge weaknesses can become. Even projects with active communities and growing popularity can face serious risk if security checks fail.
After the attack, many people inside the crypto community discussed the need for better protection systems. Some experts called for stronger audits before projects launch major bridge services.
Large exploits often hurt more than finances alone. User trust also suffers after a security breach. Investors may pull money from a project after fears rise about future attacks.
The Verus Protocol case became one of the clearest examples of the ongoing pressure on bridge systems.
THORChain Suffers Major Loss
Another major attack during May hit THORChain. The exploit caused losses of around $10.1 million.
THORChain plays an important role in decentralized finance because it allows users to swap assets across different blockchains without central control. The attack raised fresh concerns about safety inside decentralized systems.
Many crypto users support decentralized finance because it removes middlemen from financial activity. However, the open nature of these systems also creates more chances for hackers to study public code and search for flaws.
Security experts said attacks on major decentralized finance projects may continue unless projects improve testing and monitoring systems.
The THORChain exploit added to the growing list of bridge-related security failures seen over the last few years.
Code Flaws Remain the Main Problem
CertiK said code vulnerabilities caused around $45 million in losses during May. This number represented nearly two-thirds of all stolen funds during the month.
Smart contracts form the backbone of many crypto projects. These digital agreements run automatically once certain conditions are met. If developers make mistakes inside the code, attackers can use those errors to steal money.
Even a tiny flaw can create huge damage. Some hackers spend weeks or months studying blockchain code before they launch an exploit.
Crypto developers often race to launch products quickly because competition inside the market remains very strong. This fast pace sometimes leads to weak testing or missed security checks.
Experts continue to stress the importance of detailed audits before projects go live. Security reviews may help reduce risks, though no system offers complete protection.
The May data showed that poor code quality still remains one of the biggest dangers in the crypto sector.
Phishing Attacks Continue to Hurt Users
Phishing scams also caused damage during May. CertiK said phishing attacks led to losses of around $2.6 million.
These scams usually target regular users instead of blockchain systems. Attackers often create fake websites, fake wallet pages, or false messages to trick people into sharing passwords or wallet access.
Many phishing attacks look very real. Some copies match official websites closely, which makes it difficult for users to spot the scam.
Security experts advise users to double-check website links and avoid unknown messages that ask for wallet details or personal information.
While phishing losses stayed smaller than major exploits during May, these scams still affect many people across the crypto market.
Some Funds Return to Victims
One positive detail from the report came from recovered funds. CertiK said around $9.4 million returned or recovered after attacks during May.
In some cases, security teams managed to trace stolen funds and work with platforms to freeze assets before hackers moved them further. In other cases, attackers returned part of the money after negotiations.
Fund recovery remains difficult in most crypto attacks because blockchain transfers move quickly across many networks. Once hackers spread funds through multiple wallets, tracing becomes much harder.
Even so, the recovery of nearly $10 million gave some hope to victims and security teams.
Crypto Security Still Faces Big Tests
The sharp fall in losses during May brought relief after the massive damage seen in April. Still, the crypto market continues to face serious security threats.
Cross-chain bridges remain a major target for hackers, while code flaws continue to create openings for attacks. Experts believe security must become a higher priority as the crypto industry grows larger.
Many investors now pay close attention to project audits, safety systems, and developer reputation before they trust a platform with their money.
The CertiK report showed that progress may happen, but the battle against crypto crime is far from over. Hackers continue to evolve, and blockchain projects must improve security if they want to protect users and build long-term trust.
ALSO READ: India GST Revenue Rises to Rs 1.94 Lakh Crore in May
