Crypto news

22.06.2026
18:30

The number of hacks has reached a record high, but the damage is at a record low: the crypto industry has entered an era of "micro-exploits."

hack

The second quarter of 2026 will go down in crypto industry history as a record-breaking period for hacks: analysts recorded 83 incidents. This is an absolute all-time low in the history of observations. However, the paradox is that the total damage amounted to only $755.3 million — far from the highest figure.

The largest attacks of the quarter were the hack of the KelpDAO protocol for $293 million and the Drift Protocol exploit for $280 million. Interestingly, the cross-chain bridge segment suffered $351 million in losses, with 38% of that amount attributed to the LayerZero OFT bridge incident, which is directly linked to the KelpDAO attack. Another 37% of the damage in this segment was caused by compromised administrative access and token price manipulation. Contrary to expectations, private key theft accounted for only 5.66%.

Why, with such a high number of hacks, are total losses not breaking records? The answer lies in fundamental market changes. The total value locked (TVL) in DeFi has shrunk from $164 billion to approximately $73 billion. There is less liquidity, meaning hackers' "spoils" have become more modest. The record for the value of hacks is still held by the fourth quarter of 2020, with a figure of $3.56 billion.

This trend — an increase in the number of attacks while average damage decreases — signals a serious gap between the speed of protocol development and the maturity of their risk management systems. Many projects, striving for innovation, neglect basic security. For example, some use a "three out of six" multi-signature scheme but store three keys on a single laptop. This is not just negligence but a direct threat to user funds.

In May, THORChain developers confirmed a $10 million hack, after which they suspended the protocol's operations. And on June 8, unknown parties compromised Humanity Protocol wallets, causing $31 million in damage. These incidents are just the tip of the iceberg.

Expert opinion from Cryptalist: The market has entered an era of "micro-exploits" — a continuous stream of small and medium-sized attacks that collectively create systemic risk. Until the industry revises its approach to security audits and key management, we will observe not a reduction in the number of hacks, but merely their "fragmentation." Investors should pay attention not to big names, but to the actual security practices of projects.