Crypto news

22.06.2026
16:02

There have been more hacks, but less damage: the crypto industry set an anti-record for the number of attacks in the second quarter of 2026

The second quarter of 2026 became the most "hack-prone" in the history of the crypto industry: analysts recorded 83 incidents — an absolute record in terms of the number of attacks. However, the total damage amounted to $755.3 million, significantly lower than the peak values of previous years. This paradoxical dynamic deserves close attention.

The largest targets for attackers were the KelpDAO and Drift Protocol protocols, which lost $293 million and $280 million, respectively. Cross-chain bridges accounted for $351 million in losses, with 38% of that amount linked to the attack on the LayerZero OFT bridge, which, according to my analysis, is part of a larger campaign against KelpDAO. Interestingly, private key theft accounted for only 5.66% of total damage, indicating a shift in hackers' focus toward exploiting vulnerabilities at the smart contract and administrative access levels.

At the same time, the quarter was not a record in terms of loss volume: the top spot still belongs to the fourth quarter of 2020 with $3.56 billion. The decline in total damage amid a rise in the number of attacks is explained by a sharp reduction in liquidity within the ecosystem. The total value locked (TVL) fell from $164 billion to approximately $73 billion, making attacks less large-scale but more frequent.

The problem lies in the gap between the speed of protocol development and the maturity of their risk management systems. Examples where projects use a "three out of six" multisignature scheme but store three keys on a single laptop are no longer isolated. In May, THORChain developers confirmed a $10 million hack, after which they suspended the protocol's operations. In June, attackers compromised Humanity Protocol wallets, causing $31 million in damage.

My analysis: The increase in the number of small-scale attacks amid a decline in total damage is an alarming signal for the industry. It indicates that hackers have shifted to "carpet bombing" less protected but more numerous protocols. Until teams begin implementing "security by design" principles, we risk seeing a new anti-record in the next quarter, but this time with more severe financial consequences.