Crypto news

22.06.2026
16:40

Record number of hacks in the second quarter of 2026: the crypto industry faces a wave of small-scale attacks

hack

The second quarter of 2026 set a historic anti-record for the number of security incidents in the crypto industry. Analysts recorded 83 protocol hacks — an absolute maximum in the entire history of observations. The total damage amounted to $755.3 million, which is significantly lower than the record figures of previous years.

The largest attacks were the KelpDAO hack for $293 million and the Drift Protocol exploit for $280 million. In the cross-chain bridge segment, losses reached $351 million, with 38% of this amount attributed to the incident with the LayerZero OFT bridge, linked to the attack on KelpDAO. Another 37% of losses were caused by compromised administrative access and token price manipulation. Theft of private keys accounted for only 5.66% of the total losses.

Despite the record number of incidents, this quarter was not the most expensive in terms of damage volume. The record is still held by the fourth quarter of 2020 — $3.56 billion. This dynamic is explained by a decrease in overall liquidity in the ecosystem. The total value locked (TVL) fell from $164 billion to approximately $73 billion, making attacks less large-scale but more frequent.

The key problem is the gap between the pace of protocol development and the maturity of their risk management systems. For example, some projects use a "three out of six" multi-signature scheme but store three keys on a single laptop. This creates an illusion of security that collapses at the first attack.

In May, THORChain developers confirmed a $10 million hack of the cross-chain protocol, after which they suspended the service. On June 8, unknown attackers compromised wallets associated with the Humanity Protocol project, leading to losses of $31 million.

Expert opinion: The current situation is a warning signal for the entire industry. The increase in the number of attacks amid declining liquidity points to systemic vulnerabilities in risk management. Projects need to reconsider their approaches to security: abandoning "paper" multi-signatures and implementing more reliable key storage schemes is only the first step. Without this, we risk seeing even more destructive incidents in the future.