Crypto news

23.06.2026
08:33

The crypto industry set an anti-record for the number of hacks: 83 incidents in a quarter, but the damage is lower than historical peaks

hack

The second quarter of 2026 will go down in crypto industry history as the most "leaky" on record: analysts recorded 83 protocol hacks. This is an absolute record in terms of the number of attacks, although the total damage of $755.3 million was far from the highest.

Key data from Unfolded and DeFiLlama platforms indicate a shift in trend: instead of isolated "giga-exploits," attackers have moved to a strategy of mass but smaller-scale attacks. The largest incidents of the quarter were the KelpDAO hack for $293 million and the Drift Protocol exploit for $280 million. In the cross-chain bridge segment, damage reached $351 million, with 38% of that amount attributed to the attack on the LayerZero OFT bridge, directly linked to the KelpDAO incident. Another 37% of losses were caused by compromised administrative access and token price manipulation. Private key theft, contrary to expectations, accounted for only 5.66%.

Снимок экрана — 2026-06-22 в 18.02.35
Source: DeFiLlama.

Despite the record number of attacks, the quarter was not the most expensive in terms of financial losses. The absolute record for hack costs is still held by the fourth quarter of 2020, when damage amounted to $3.56 billion. This suggests that while the frequency of attacks is increasing, the "quality" of each individual attack is declining.

Experts attribute this to a sharp reduction in overall liquidity within the ecosystem. The total value locked (TVL) fell from $164 billion to approximately $73 billion, making large targets less attractive. However, the main problem is the gap between the speed of protocol development and the maturity of their risk management systems. An example is projects using a "three-of-six" multisignature but storing three keys on a single laptop. This is a gross violation of basic security principles.

Incidents involving THORChain and Humanity Protocol are worth noting separately. In May, THORChain developers confirmed a $10 million hack, after which they completely suspended the protocol's operations, including trading and liquidity pool activities. And on June 8, unknown parties compromised Humanity Protocol wallets, causing damage of approximately $31 million.

My comment: A record number of attacks with a decrease in total damage is an alarming signal. It points not to an increase in hacker skill, but to a systemic immaturity in the industry. As long as protocols chase speed of deployment while forgetting about fundamental security, we will see more small but painful "stings." Investors should reconsider their criteria for evaluating projects, prioritizing audits and key management architecture.