The crypto industry has set a new anti-record for the number of hacks: the second quarter of 2026 became the most "attacked" in history.

The second quarter of 2026 will go down in crypto industry history as the period with the highest number of hacks. Analysts recorded 83 incidents — an absolute record since observations began. The total damage from these attacks amounted to $755.3 million.
The key feature of this quarter was not so much the total amount of losses, but their structure. Instead of several major "giga-exploits," we are seeing a stream of medium and small attacks, which sharply contrasts with previous records. The most high-profile incidents were the hack of the KelpDAO protocol for $293 million and the Drift Protocol exploit for $280 million. These two attacks, related to cross-chain bridges, accounted for the bulk of the damage in the cross-chain bridge segment — $351 million, of which 38% came from the LayerZero OFT bridge incident and 37% from compromised administrative access and token price manipulation. Contrary to popular belief, private key theft accounted for only 5.66% of total losses.
Despite the record number of hacks, this quarter was not the most expensive in terms of loss volume. The leader remains the fourth quarter of 2020 with $3.56 billion. The decrease in total damage amid a rise in the number of attacks is an alarming signal, indicating an evolution of threats.
My colleagues in the industry note that the sharp increase in incidents with relatively low damage is linked to a decline in overall liquidity in the ecosystem. The total value locked (TVL) dropped from $164 billion to approximately $73 billion. This means hackers are forced to attack more protocols to achieve comparable results. Additionally, there is a clear gap between the pace of protocol development and the maturity of their risk management systems. As an example, I would cite projects using a "three-of-six" multisignature scheme but storing three keys on a single laptop — such negligence is unacceptable.
Incidents involving THORChain and Humanity Protocol deserve special attention. In May, THORChain developers confirmed a $10 million hack, after which they were forced to suspend the protocol, blocking trading, liquidity pool operations, and other critical functions. And on June 8, attackers compromised Humanity Protocol wallets, causing $31 million in damage.
My expert conclusion: The record number of hacks amid a decline in TVL is not just a statistical anomaly but a symptom of a systemic problem. The industry is experiencing a period of "attack dispersion," where hackers test vulnerabilities in numerous small and medium-sized projects. This requires teams to rethink security priorities: instead of targeted protection against major exploits, comprehensive monitoring and risk management systems must be implemented at all levels. Ignoring this trend will lead to even more dire consequences in the future.