The crypto industry has set an anti-record for the number of hacks: 83 incidents in a quarter

The second quarter of 2026 became a real "dark streak" for the crypto industry: analysts recorded 83 protocol hacks — an absolute record in terms of the number of incidents in the entire history of observations. The total damage amounted to $755.3 million. However, as the data shows, the nature of the threats has changed: instead of isolated giant exploits, we are seeing a continuous stream of smaller but more frequent attacks.
Key Incidents and Loss Structure
The most high-profile attacks of the quarter were the hack of KelpDAO for $293 million and the exploit of Drift Protocol for $280 million. Together, they account for the bulk of the damage. It is worth noting that the cross-chain bridge segment suffered particularly severely: losses here reached $351 million. Of this amount, 38% was attributed to the incident with the LayerZero OFT bridge, which was directly linked to the attack on KelpDAO. Another 37% of losses in this segment were caused by compromised administrative access and token price manipulation. Private key theft, contrary to popular belief, accounted for a relatively modest share — only 5.66%.
Why Are There Many Hacks but No Record Damage?
Despite the record number of incidents, the second quarter of 2026 did not reach the historical maximum in terms of loss volume. The absolute record for the value of hacks is still held by the fourth quarter of 2020 — $3.56 billion. Why is this happening? The answer lies in market dynamics. The total value locked (TVL) in DeFi has sharply declined: from $164 billion to approximately $73 billion. Simply put, there is physically less liquidity for attackers to steal.
Furthermore, there is a critical gap between the speed of launching new protocols and the maturity of their security systems. A typical example: teams use a "three out of six" multi-signature scheme but store three keys on a single laptop. Such negligence is a direct path to disaster.
The Epidemic Continues
The trend is not limited to one quarter. In May, developers of THORChain confirmed a $10 million hack, after which the protocol was urgently suspended. On June 8, unknown attackers compromised the wallets of the Humanity Protocol project, stealing approximately $31 million. These incidents are just the tip of the iceberg.
My expert opinion: The market is experiencing an "era of micro-hacks." Attackers have shifted from a "one big blow" strategy to a "thousands of small cuts" tactic. This requires a fundamentally new approach to security from the industry: not just one-time audits, but continuous monitoring and automated protection. For now, we see that product innovations are outpacing innovations in their protection — and this is a dangerous imbalance.