The second quarter of 2026 set an anti-record for the number of hacks in the crypto industry: 83 incidents in three months

The second quarter of 2026 became the most "fruitful" for hackers in the history of cryptocurrencies: analysts recorded 83 protocol hacks — an absolute record for the number of incidents in a single quarter. The total damage is estimated at $755.3 million. However, despite the record number of attacks, the total amount of losses does not reach historical highs.
The largest incidents of the quarter were the KelpDAO hack for $293 million and the Drift Protocol exploit, which cost the protocol $280 million. The cross-chain bridge segment was particularly affected, accounting for $351 million in losses. Of these, 38% were from an attack on the LayerZero OFT bridge, linked to the KelpDAO incident. Another 37% of losses were caused by the compromise of administrative keys and token price manipulation. In contrast, private key theft accounted for only 5.66% of the total damage.

Interestingly, this quarter was not the most expensive in terms of loss volume. The record is still held by the fourth quarter of 2020 with a figure of $3.56 billion. The current surge in the number of attacks with relatively modest damage is explained by changes in the market structure. Overall liquidity in DeFi has noticeably decreased: the total value locked (TVL) fell from $164 billion to approximately $73 billion. This means hackers are forced to attack more protocols to obtain comparable profits.
The problem is exacerbated by the gap between the pace of protocol development and the maturity of their risk management systems. Many projects use multi-signature schemes, such as "three out of six," but store three keys on a single laptop. This makes them vulnerable even to basic attacks. In May, for example, THORChain developers confirmed a $10 million hack, after which the protocol was temporarily suspended. And on June 8, unknown attackers compromised Humanity Protocol wallets, causing $31 million in damage.
Expert opinion: The record number of hacks is a troubling signal for the industry. The decline in TVL should not be reassuring: hackers are adapting to new conditions, switching to less secure but numerous protocols. Until project teams implement modern security practices (hardware wallets for keys, regular audits, and monitoring systems), we will continue to see more small but painful attacks.