Crypto news

22.06.2026
21:30

The second quarter of 2026 set a record for the number of hacks: 83 incidents, but the damage was below historical highs.

hack

The second quarter of 2026 went down in crypto industry history as the period with the highest number of recorded hacks. Analysts counted 83 successful attacks on DeFi protocols and cross-chain bridges, an absolute anti-record for all time. The total damage from these incidents amounted to $755.3 million — an impressive sum, but far from a record compared to previous periods.

Major Attacks and Trends

The most significant events of the quarter were the hack of the KelpDAO protocol for $293 million and the Drift Protocol exploit for $280 million. These two incidents together account for more than 75% of total losses. In the cross-chain bridge segment, damage reached $351 million, with 38% of that amount attributed to the attack on the LayerZero OFT bridge, which was linked to the KelpDAO hack. Another 37% of losses in this category were caused by compromised administrative access and token price manipulation. Private key theft, contrary to popular belief, accounted for a relatively modest share — just 5.66%.

Why Are Hacks Increasing While Damage Is Decreasing?

Despite the record number of incidents, this quarter was not the most costly in terms of losses. The record is still held by the fourth quarter of 2020 — $3.56 billion. The key reason for this paradox is a sharp reduction in ecosystem liquidity. The total value locked (TVL) dropped from $164 billion to approximately $73 billion, making attacks less "profitable" for hackers. Additionally, there is a critical gap between the pace of protocol development and the maturity of their risk management systems. For example, some projects use a "three out of six" multi-signature scheme but store three keys on a single laptop — which negates all the security of such a structure.

Industry Consequences

In May, THORChain developers confirmed a $10 million hack of the cross-chain protocol, after which they suspended the service, including trading, liquidity pools, and other sensitive operations. And on June 8, unknown attackers compromised the wallets of the Humanity Protocol project, stealing approximately $31 million. These incidents highlight a systemic vulnerability: the increase in the number of attacks with a decrease in average damage indicates that hackers have shifted to less protected but more numerous targets.

My expert conclusion: A record number of hacks with a decrease in total damage is an alarming signal for the entire industry. It indicates not a reduction in the threat, but a fragmentation of attacks. Protocols, especially small and medium-sized ones, must urgently review their security practices, otherwise we risk seeing a new surge of major losses when liquidity returns to the market.