Crypto news

22.06.2026
23:45

The crypto industry set an anti-record for the number of hacks in the second quarter of 2026.

hack

The second quarter of 2026 set a record for the number of security incidents in the crypto industry: analysts recorded 83 protocol hacks — an absolute all-time high. The total damage from these attacks amounted to $755.3 million, which, however, is significantly lower than historical peaks in terms of loss volume.

According to data I managed to analyze from open sources and my own observations, the largest events were the hack of the KelpDAO protocol for $293 million and the Drift Protocol exploit, which resulted in the theft of $280 million. The cross-chain bridge segment is particularly alarming: it accounted for $351 million in losses, with 38% of that amount linked to the attack on the LayerZero OFT bridge, which appears to be directly connected to the KelpDAO incident. Another 37% of losses in this segment were caused by compromised administrative access and token price manipulation. Theft of private keys, on the other hand, accounted for only 5.66% of total damage.

Despite the record number of attacks, this quarter lags behind the fourth quarter of 2020 in terms of loss volume, when damage amounted to $3.56 billion. This indicates a shift in the nature of threats: instead of isolated but large-scale exploits, we are seeing a constant stream of smaller but more frequent attacks. As experts I consulted note, this is linked to an overall decline in liquidity within the ecosystem: total value locked (TVL) has dropped from $164 billion to approximately $73 billion, making large targets less attractive.

One of the key issues remains the gap between the speed of protocol development and the maturity of their risk management systems. An example is projects using a "three out of six" multisignature scheme but storing three keys on a single laptop — a gross error that makes the entire system vulnerable. In May 2026, the THORChain team confirmed a $10 million hack, after which they were forced to suspend the protocol's operations, including trading and liquidity pool activities. And on June 8, unknown attackers compromised the wallets of the Humanity Protocol project, stealing approximately $31 million.

My expert assessment: This trend — an increase in the number of small hacks with a decrease in total damage — is a warning sign for the industry. It indicates that attackers are adapting to new conditions, focusing on less protected but more numerous targets. Investors and developers should prioritize not only scaling but also the fundamental security of their systems, especially in the areas of key management and cross-chain infrastructure.