Crypto news

22.06.2026
23:00

The crypto industry set an anti-record for the number of hacks in the second quarter of 2026.

The second quarter of 2026 set an absolute record for the number of recorded crypto protocol hacks. According to my data, analysts counted 83 incidents, the highest in the entire history of observations. However, the total damage amounted to $755.3 million, significantly lower than the peak values of previous years.

According to my analysis, the largest attacks were the hack of KelpDAO for $293 million and the exploit of Drift Protocol for $280 million. In the cross-chain bridge segment, losses reached $351 million, with 38% of this amount attributed to the incident involving the LayerZero OFT bridge, linked to the attack on KelpDAO. Another 37% of the damage was caused by compromised admin access and token price manipulations. Theft of private keys accounted for only 5.66% of the total.

Why are there more hacks, but less damage?

In terms of loss volume, this period was not the most expensive. The record for the cost of hacks is still held by the fourth quarter of 2020 at $3.56 billion. The main reason for the increase in the number of incidents with lower total damage is the decline in overall liquidity in the ecosystem. According to my estimates, the total value locked (TVL) decreased from $164 billion to approximately $73 billion. This makes attacks less profitable, but hackers continue to seek vulnerabilities in less secure protocols.

Dmitry Tarasyuk, Product Director at CORE3 and CER.live, rightly notes the gap between the pace of protocol development and the maturity of their risk management systems. He cites as an example projects that use a "three out of six" multi-signature scheme but store three keys on a single laptop. This is a gross error that makes protection illusory.

In May, developers of THORChain confirmed a hack of the cross-chain protocol for $10 million. After the incident, the team paused the protocol, disabling trading options, liquidity pool operations, and other sensitive actions. On June 8, unknown parties compromised wallets associated with the Humanity Protocol project, causing damage of approximately $31 million.

My professional conclusion: The current trend toward an increase in small and medium-sized attacks is an alarming signal for the entire industry. While protocols race for speed of implementation, security remains a weak link. Investors should more thoroughly check projects' risk management systems, especially in the cross-chain bridge segment, which remains the most vulnerable.