The crypto industry set an anti-record for the number of hacks in the second quarter of 2026.

The second quarter of 2026 will go down in history as the most "fruitful" for cyberattacks in the crypto industry. Analysts recorded 83 protocol hacking incidents — an absolute record for the entire observation period. The total damage from these attacks reached $755.3 million.
Although the number of hacks increased sharply, the total losses are significantly lower than historical highs. For example, in the fourth quarter of 2020, the damage amounted to $3.56 billion — this figure remains unsurpassed. However, the current trend is alarming: instead of rare but large-scale exploits, we are seeing a continuous stream of small and medium-sized attacks.
The largest incidents of the quarter were the hack of the KelpDAO protocol for $293 million and the Drift Protocol exploit for $280 million. The cross-chain bridge segment proved particularly vulnerable, with damage reaching $351 million. Of this amount, 38% came from the attack on the LayerZero OFT bridge, which, according to the investigation, was linked to the KelpDAO incident. Another 37% of losses in this segment were caused by compromised administrative access and token price manipulation. Private key theft, contrary to expectations, accounted for only 5.66% of total losses.
The increase in the number of hacks amid a decrease in total damage has an explanation. In my estimation, the total value locked (TVL) in DeFi has fallen from $164 billion to approximately $73 billion. This means it has become harder for hackers to find large liquidity pools to attack, so they have switched to smaller but more numerous targets. Additionally, there remains a critical gap between the speed of protocol development and the maturity of their risk management systems. Some projects still use "three out of six" multisigs but store three keys on one laptop — this is gross negligence.
Among other notable incidents are the THORChain hack for $10 million in May, after which the team was forced to suspend the protocol's operation, and the compromise of Humanity Protocol wallets on June 8, with damage estimated at $31 million.
My comment: A record number of hacks amid a decline in total damage is a worrying signal for the industry. This points to a systemic problem: the security of many protocols is not keeping pace with their functional growth. While projects chase liquidity and users, fundamental risks remain underestimated. Investors should pay attention not only to TVL and yields but also to security audits and key management practices.