Crypto news

23.06.2026
03:40

The number of hacks has reached a record high, but less was stolen: the DeFi security paradox in the second quarter of 2026

hack

The second quarter of 2026 went down in crypto industry history as a period with an absolute record for the number of hacker attacks on protocols. Analysts recorded 83 incidents — the highest figure ever observed. However, despite the record frequency, the total damage amounted to $755.3 million, significantly lower than historical highs in terms of the volume of stolen funds.

The key trend of the quarter is a shift from isolated "giga-exploits" to a constant stream of smaller but more numerous attacks. The two largest hacks targeted the KelpDAO ($293 million) and Drift Protocol ($280 million) protocols, together accounting for over 75% of all losses. In the cross-chain bridge segment, damage reached $351 million, with 38% of this amount attributed to the incident involving the LayerZero OFT bridge, directly linked to the attack on KelpDAO. Another 37% of losses in this segment were caused by compromised administrative access and token price manipulation. Contrary to popular belief, private key theft accounted for only 5.66% of the total damage.

The paradox is that while the number of hacks set a record, the quarter did not even rank among the top three most expensive in terms of losses. The absolute anti-record in value is still held by the fourth quarter of 2020, with a figure of $3.56 billion. This points to structural changes in the ecosystem: the total value locked (TVL) decreased from $164 billion to approximately $73 billion, objectively reducing the "target" for attackers. However, the frequency of attacks suggests something else — a growing vulnerability in the infrastructure.

Experts attribute this surge to the gap between the speed of protocol development and the maturity of their risk management systems. A characteristic example cited is projects using a "three out of six" multi-signature scheme but storing all three keys on a single laptop. This is a classic case where formal security is not backed by real-world practices.

Additional confirmation of the systemic nature of the problem came from incidents in THORChain, where a $10 million hack led to the suspension of the entire protocol, and in Humanity Protocol, which lost approximately $31 million due to compromised wallets.

My analysis: A record number of hacks amid declining TVL is an alarming signal. It shows that hackers are adapting faster than protocols are implementing adequate security measures. While the industry chases functionality, basic cybersecurity principles remain at a "check-the-box" level. This may not lead to a catastrophic single hack yet, but the constant "erosion" of trust could prove more destructive for DeFi than one major exploit.