Crypto news

22.06.2026
19:15

The number of hacks has reached a record high, but the damage is at a record low: the paradox of the second quarter of 2026

hack

The second quarter of 2026 went down in crypto industry history as an absolute anti-record for the number of hacks — 83 successful attacks on protocols were recorded. This is the highest figure in the entire observation period. However, the total damage amounted to $755.3 million, significantly lower than the peak values of previous years.

Key Incidents and Loss Structure

The largest attacks of the quarter were the KelpDAO hack for $293 million and the Drift Protocol exploit for $280 million. Together, these two incidents accounted for more than 75% of all lost funds. In the cross-chain bridge segment, damage reached $351 million, with 38% of this amount linked to the attack on the LayerZero OFT bridge, which experts associate with the KelpDAO incident. Another 37% of losses came from compromised administrative access and token price manipulation. Private key theft, contrary to popular belief, accounted for only 5.66% of total losses.

Why So Many Hacks but Little Money?

Despite the record number of incidents, the second quarter of 2026 was not the most expensive in terms of loss volume. The absolute record is still held by the fourth quarter of 2020 — $3.56 billion. The decrease in total damage amid a rise in the number of attacks is an alarming signal, indicating a shift in the threat structure.

Market analysis shows that the total value locked (TVL) in DeFi has shrunk from $164 billion to approximately $73 billion. This means it has become harder for attackers to find "fat" targets, but they have shifted to more frequent, albeit less large-scale, attacks. Additionally, there is a growing gap between the speed of developing new protocols and the maturity of their risk management systems. A typical example is the use of a "three out of six" multi-signature scheme, where three keys are stored on a single laptop. Such a practice negates the very idea of distributed security.

Consequences for the Ecosystem

In May, THORChain developers confirmed a $10 million hack of the cross-chain protocol, after which the service was suspended. In early June, attackers compromised the wallets of the Humanity Protocol project, stealing approximately $31 million. These incidents highlight systemic vulnerability, especially in the cross-chain solutions segment.

My conclusion: The record number of hacks with reduced damage is not a sign of the industry "maturing," but rather a symptom of its fragmentation. As long as projects chase speed to market while neglecting basic security principles, we will see a rise in "small" attacks that, collectively, can cause greater reputational damage than a single major hack.