-
Cryptocurrencies
-
Exchanges
-
Media
All languages
Cryptocurrencies
Exchanges
Media
Share

Recently, CertiK, the world's largest Web3 security company, released "Skynet "2026 Stablecoin Threat Report" systematically sorted out the two core challenges facing the current stablecoin ecosystem: on the one hand, security incidents related to cross-chain bridges have caused more than 328 million US dollars in losses since 2026, and attackers are shifting their targets from smart contract vulnerabilities to cross-chain bridges, custody systems and payment infrastructure; on the other hand, the Russian ruble stablecoin A7A5 has a cumulative transaction volume of more than 110 billion US dollars since its launch, and is becoming a core tool to circumvent national sanctions.
The report emphasizes that the two major threats are intertwined, making the security of stablecoins out of the scope of early crypto asset speculation risks and upgraded to a systemic challenge directly related to the security of global payment networks and cross-border financial systems.
In the past few years, hacker attacks have tended to focus on smart contract vulnerabilities. However, as stablecoins gradually become an important carrier of cross-chain liquidity and global payments, attackers’ targets have also begun to shift to higher-value, more critical infrastructure layers.

The report shows that since 2026 alone, security incidents related to cross-chain bridges have caused more than $328 million in losses. Among them, the Kelp DAO wallet leak in April resulted in a single loss of US$291 million, making it one of the largest cross-chain bridge-related incidents so far this year.
The CertiK report believes that cross-chain bridges and interoperability protocols are still one of the most vulnerable links in the entire stablecoin ecosystem. Since stablecoin liquidity is dispersed among different blockchains and Layer 2 networks, cross-chain bridges assume the core function of value transfer. Once there is a problem with the verification node, message verification mechanism or multi-signature system, the risk may quickly spread to multiple ecosystems.
It is worth noting that wallet leaks are replacing traditional code vulnerabilities as the main attack target.
According to report statistics, many major DeFi security incidents this year are related to private key management failures, access control flaws, and operational layer security issues. Attackers are increasingly inclined to bypass complex on-chain logic and directly attack custody systems, vault structures, and operational processes.
“Stablecoin security issues are becoming more and more like traditional financial security issues.” The report pointed out that as stablecoins penetrate deeper into payment systems and institutional business scenarios, KYC service providers, payment APIs, sanctions screening systems and identity verification infrastructure have also begun to become targets of attacks.
Compared with technical attacks, the report focuses more on A7A5.
A7A5 is a stablecoin backed by the Russian Ruble, launching in early 2025. The report stated that the stablecoin was promoted by the Russian cross-border settlement platform A7 Network and provided support through Russian state-owned bank Promsvyazbank (PSB) and other institutions.

According to on-chain data analysis, in less than a year since its launch, A7A5’s cumulative on-chain transaction volume has exceeded US$110 billion, accounting for approximately 43% of the global non-US dollar stablecoin market.
The report believes that the importance of A7A5 does not lie in its scale, but in that it demonstrates a new stable currency model - using stable currency technology to build a cross-border settlement network that is not affected by the Western financial system.
After the Garantex trading platform was cracked down by US law enforcement in 2025, A7A5 quickly became an important liquidity tool for the Russian crypto economy. According to the report, the system draws on the USDT model in design, but places issuance, reserve management and compliance controls outside Western regulatory jurisdictions.
The report pointed out that this means that stablecoins are no longer just payment tools, but may also become an important variable in geopolitics and international sanctions systems.
The development of A7A5 has also triggered joint actions by regulatory agencies in many countries.
The report shows that the EU directly included A7A5 in the sanctions framework for the first time in 2025, becoming the first cryptocurrency in the world to be explicitly included in a trading ban. Subsequently, the U.S. Treasury Department’s Office of Foreign Assets Control (OFAC) and the British Office of Financial Sanctions Enforcement (OFSI) also successively imposed sanctions on relevant entities.
At the same time, the EU will further expand the scope of supervision in 2026, shifting from targeting a single project to imposing a classified ban on the entire Russian encryption service ecosystem.

However, on-chain data shows that these measures did not fundamentally prevent the development of A7A5. Between February 2025 and May 2026, the number of A7A5 currency-holding addresses increased from approximately 13,000 to approximately 29,000. Before and after multiple sanctions nodes, there was no significant decline in on-chain data.
The report pointed out that this reflects that the current global sanctions system still has obvious limitations when facing on-chain financial networks. When the user base lies primarily outside the sphere of influence of Western law enforcement, the actual effectiveness of traditional sanctions can be significantly diminished.
The report also mentioned that the A7 network has begun to expand into the African market: Russia has invited many African countries to join the A7 settlement network, and has set up offices in Nigeria and Zimbabwe, and plans to build a financial corridor in southern Africa. If the relevant network further expands, local financial institutions may unknowingly do business with the sanctioned system, thereby facing potential secondary sanctions risks from the West.
The report concluded that the stablecoin threat landscape in 2026 has shown a "double evolution" feature: at the technical level, attack activities are shifting from protocol vulnerabilities to financial infrastructure; at the geopolitical level, stablecoins are beginning to be used to build new settlement networks independent of the traditional financial system.
CertiK concluded the report by recommending that companies and financial institutions can no longer rely solely on checking the names of entities on the official sanctions list, but must adopt a more proactive defensive posture:
● Clear investigation of contract addresses not included in the list: As of the release of the report, OFAC has not yet included A7A5’s smart contract address on the Specially Designated Nationals (SDN) sanctions list. Financial institutions should proactively enter the Ethereum address (0x6fA0BE17e4beA2fCfA22ef89BF8ac9aab0AB0fc9) and TRON address (TLeVfrdym8RoJreJ23dAGyfJDygRtiWKBZ) into the internal screening system.
● Reassess high-risk correspondent banking exposures: Financial institutions with correspondent banking operations in A7A5 active jurisdictions such as Nigeria, Zimbabwe, and Kyrgyzstan need to closely examine whether local counterparties are involved in their undercurrent related entities.
● The focus of security shifts to the operation layer: Given that wallet leaks and private key management have become major operational risks, enterprises must regularly perform independent third-party audits and comprehensively strengthen cross-chain message transmission logic, verification nodes, and multi-signature controls.
The security of stablecoins in 2026 has obviously broken away from the narrow scope of early encryption applications. Stablecoin security is no longer just a problem in the blockchain industry, but is becoming an important issue in global financial infrastructure risk management.
Full text of the report: https://indd.adobe.com/view/c10a9bca-6be9-4272-83ed-ec9fc631b48f