The crypto industry set an anti-record for the number of hacks in the second quarter of 2026.

The second quarter of 2026 was the most "fruitful" for hackers in terms of the number of attacks: 83 incidents involving crypto protocols were recorded. This is an absolute record in the history of observations. The total damage from these hacks amounted to $755.3 million.
The key events of the quarter were the attack on KelpDAO, which resulted in the theft of $293 million, and the Drift Protocol exploit, which cost $280 million. In the cross-chain bridge segment, losses reached $351 million, with 38% of them attributed to the incident involving the LayerZero OFT bridge, which is linked to the attack on KelpDAO. Another 37% of the damage came from compromised administrative access and token price manipulation. In contrast, private key theft accounted for only 5.66% of the total losses.
Despite the record number of incidents, this quarter was not the most expensive in terms of the volume of stolen funds. The absolute record for the cost of hacks still belongs to the fourth quarter of 2020, when the damage amounted to $3.56 billion.
I attribute the increase in the number of attacks amid a decrease in total damage to the overall decline in liquidity within the ecosystem. The total value locked (TVL) decreased from $164 billion to approximately $73 billion. This means it has become more difficult for hackers to find large pools for a single massive attack, so they have shifted to smaller but more frequent incidents.
Furthermore, there is a serious gap between the pace of protocol development and the maturity of their risk management systems. For example, some projects use a "three out of six" multi-signature scheme but store three keys on a single laptop. This is a gross violation of basic security principles.
In May 2026, THORChain developers confirmed a $10 million hack of the cross-chain protocol, after which the protocol's operation was suspended. And on June 8, unknown parties compromised wallets associated with the Humanity Protocol project, stealing approximately $31 million.
My expert commentary: The record number of hacks is an alarming signal for the entire industry. Although the total damage is below historical highs, the frequency of attacks points to systemic security issues. Investors should more carefully assess the level of protocol protection, especially in the cross-chain bridge segment, which remains the most vulnerable. I expect regulators and auditors to increase pressure on projects with low security standards.