Crypto news

23.06.2026
08:18

The second quarter of 2026 became the most "hacked" in cryptocurrency history: a record number of attacks with a decrease in total damage.

hack

The cryptocurrency market faced an unprecedented wave of hacks in the second quarter of 2026. Analysts recorded 83 incidents — an absolute record for the number of attacks in the history of observations. However, the total damage of $755.3 million was significantly lower than the peak values of previous years. This indicates a shift in attackers' tactics: instead of single giant exploits, we are seeing "swarm" attacks on less secure protocols.

The largest incidents of the quarter were the hack of the KelpDAO protocol for $293 million and the Drift Protocol exploit, which cost the ecosystem $280 million. Both attacks targeted the cross-chain bridge segment, where total damage reached $351 million. Interestingly, 38% of this amount is linked to the incident involving the LayerZero OFT bridge, which, according to the investigation, is part of the KelpDAO attack. Another 37% of losses came from the compromise of administrative keys and token price manipulation. In contrast, private key theft accounted for only 5.66% of the total volume — suggesting that hackers are increasingly attacking smart contract vulnerabilities rather than user wallets.

Despite the record number of attacks, the second quarter of 2026 was not the most costly in terms of losses. This "title" is still held by the fourth quarter of 2020, when damage amounted to $3.56 billion. The decline in absolute losses amid a rise in the number of incidents is an alarming signal for the industry. As Dmitry Tarasyuk, Product Director at CORE3 and CER.live, noted, this is linked to a reduction in overall liquidity in DeFi: TVL fell from $164 billion to approximately $73 billion. Simply put, "there is nothing left to steal," but the number of attempts is growing due to weak protocol security.

Tarasyuk also pointed to a critical gap between the pace of protocol development and the maturity of their risk management systems. As an example, he cited projects using a "3-of-6" multi-signature scheme but storing three keys on a single laptop. This is gross negligence that turns any protection into a fiction.

In May, THORChain developers confirmed a $10 million hack, after which they suspended the protocol's operation. And on June 8, unknown attackers compromised wallets associated with Humanity Protocol, causing $31 million in damage. These incidents only confirm the trend: hackers are targeting not only large targets but also mid-sized projects with insufficient security levels.

Expert opinion: The record number of hacks amid declining total damage is a "silent epidemic" in the crypto industry. While the market focuses on price recovery and attracting liquidity, security remains the Achilles' heel. Protocols that do not invest in audits and multi-layered protection risk becoming the next victim. In the coming quarters, we will likely see stricter security requirements from investors and regulators.