Crypto news

22.06.2026
18:15

The crypto industry has set an anti-record for the number of hacks: 83 incidents in a quarter

hack

The second quarter of 2026 will go down in crypto industry history as the most "hack-prone": analysts recorded 83 attacks on protocols — an absolute record in the number of incidents ever observed. However, the total damage of $755.3 million was far from record-breaking. This indicates a paradigm shift: instead of a few major exploits, we are seeing a constant stream of small and medium-sized attacks.

Key Incidents and Their Consequences

The most significant losses came from the hack of KelpDAO ($293 million) and the exploit of Drift Protocol ($280 million). In the cross-chain bridge segment, damage reached $351 million, with 38% of that amount linked to the attack on the LayerZero OFT bridge, which experts associate with the KelpDAO incident. Another 37% of losses came from compromised administrative access and token price manipulation. Private key theft, contrary to expectations, accounted for only 5.66% of total losses.

Notably, in terms of loss volume, the current quarter was not the most expensive. The record is still held by the fourth quarter of 2020 — $3.56 billion. This confirms the thesis that the number of attacks is increasing, but their "quality" is declining.

Why Are There More Hacks but Less Damage?

The rise in the number of incidents alongside a decrease in total damage is explained by fundamental changes in the ecosystem. The total value locked (TVL) in DeFi has dropped from $164 billion to approximately $73 billion — there is less liquidity, and thus hackers' "haul" has diminished. However, this does not make the situation any less alarming.

The main problem is the gap between the pace of protocol development and the maturity of their risk management systems. An example is projects using a "three out of six" multi-signature scheme while storing three keys on a single laptop. Such negligence is a direct path to disaster, regardless of liquidity volume.

Specific Cases: THORChain and Humanity Protocol

In May, developers of THORChain confirmed a hack of the cross-chain protocol for $10 million. After the incident, protocol operations were suspended: trading, liquidity pool operations, and other "sensitive" actions became unavailable. On June 8, unknown parties compromised wallets associated with the Humanity Protocol project, stealing approximately $31 million.

My comment: The current situation is an alarming signal for the entire industry. We see that hackers are adapting faster than developers implement protective mechanisms. While projects chase speed to market, security remains the "weak link." It's time to move from reactive defense to proactive measures: audits, bug bounty programs, and multi-factor authentication should become the standard, not the exception. Otherwise, the next quarter could break not only the record for the number of hacks but also for the volume of losses.