The crypto industry set an anti-record for the number of hacks: the second quarter of 2026 became the most "attacked" in history.

The second quarter of 2026 will go down in crypto industry history as a period with a record number of hacks. Analysts recorded 83 incidents, an absolute all-time high. However, notably, the total damage from these attacks amounted to $755.3 million — far from a record figure.
Largest Targets and Loss Structure
The most significant attacks were the hack of the KelpDAO protocol for $293 million and the Drift Protocol exploit, which cost $280 million. Interestingly, 38% of all losses were attributed to the cross-chain bridge segment, with the key incident being the compromise of the LayerZero OFT bridge, linked to the KelpDAO attack. Another 37% of the damage was caused by token price manipulation and administrative access hacks. Private key theft, despite its danger, accounted for only 5.66% of the total.
Why Are Attacks Increasing While Damage Is Not?
This paradox is explained by fundamental changes in the ecosystem. The total value locked (TVL) has sharply declined — from $164 billion to approximately $73 billion. As a result, it has become harder for hackers to "score a big jackpot," but they have shifted to more frequent, albeit smaller-scale, attacks. This is an alarming signal: protocols, especially young ones, often fail to keep pace with their own development in terms of security.
A striking example is when projects use a "three out of six" multi-signature scheme but store three keys on a single laptop. Such negligence nullifies all cryptographic protection. In May 2026, this was confirmed in practice: the THORChain team was forced to suspend the protocol after a $10 million hack.
Expert Opinion
The record for hack damage is still held by the fourth quarter of 2020, with a figure of $3.56 billion. However, the current trend indicates that the threat has not disappeared — it has mutated. The increase in the number of incidents alongside a decrease in total damage is not a sign of a "lull" but a signal that the industry needs to reconsider its approaches to security auditing and risk management, especially in the field of cross-chain interactions.