The crypto industry set an anti-record for the number of hacks in the second quarter of 2026.

The second quarter of 2026 proved to be a real test for the crypto industry: 83 protocol hacks were recorded — an absolute anti-record for the number of incidents in the entire history of observations. The total damage amounted to $755.3 million, which, however, is not the highest figure in terms of loss volume.
Key attacks and segments
According to data from analytical platforms, the largest incidents were the hack of KelpDAO for $293 million and the exploit of Drift Protocol for $280 million. The cross-chain bridge segment turned out to be particularly vulnerable: it accounted for $351 million in damages, of which 38% is related to the attack on the LayerZero OFT bridge, which indirectly affected KelpDAO. Another 37% of losses were caused by compromised admin access and token price manipulation. Theft of private keys, contrary to expectations, accounted for only 5.66% of the total volume.
Why is the damage lower despite a record number of hacks?
Despite the sharp increase in the number of attacks, this period did not become the most expensive in terms of loss volume. The record still belongs to the fourth quarter of 2020 — $3.56 billion. The decrease in average damage per incident is explained by several factors. First, the total value locked (TVL) in DeFi decreased from $164 billion to approximately $73 billion, which reduced the "target" for hackers. Second, there is a critical gap between the pace of protocol development and the maturity of their risk management systems. For example, some projects use a "three out of six" multi-signature scheme, but store three keys on one laptop, which nullifies all security.
Consequences and reaction
In May, THORChain developers confirmed a hack of the cross-chain protocol for $10 million, after which they suspended the platform's operations, including trading options and liquidity pool transactions. On June 8, unknown individuals compromised wallets associated with the Humanity Protocol project, causing damage of approximately $31 million.
My expert opinion: The increase in the number of attacks amid a decline in TVL is an alarming signal. Hackers have shifted from large targets to smaller, but less protected protocols. This indicates a systemic problem in risk management: many projects sacrifice security for speed to market. Until the industry revises its approaches to auditing and key storage, we will see a further increase in the number of incidents, even if the average damage remains relatively low.