Crypto Industry Sets Record for Hacks in Q2 2026

The crypto industry faced a record 83 hacks in Q2 2026, resulting in $755.3 million in losses, according to analysts.

In the second quarter of 2026, analysts recorded 83 hacks of crypto protocols, the highest number of incidents ever documented. The total damage amounted to $755.3 million.

Q2 2026 is already the most-hacked quarter on record, with ~70 hacks, 2X the record.
But the total amount hacked ($746M) is a fraction of the previous peaks. Rather than a few giga exploits, it's been a constant stream of smaller attacks pic.twitter.com/wQjaIRlegJ
— unfolded. (@cryptounfolded) June 22, 2026

According to Unfolded and DeFiLlama, the largest attacks included the KelpDAO hack, which resulted in a loss of $293 million, and the Drift Protocol exploit, which caused $280 million in damages. In the cross-chain bridge segment, losses totaled $351 million, with 38% attributed to the LayerZero OFT bridge incident linked to the KelpDAO attack. Another 37% stemmed from compromised admin access and token price manipulation. The theft of private keys accounted for a smaller portion—5.66%.

Source: DeFiLlama.

Despite the high number of incidents, this period was not the costliest in terms of losses. The record for the highest value of hacks still belongs to the fourth quarter of 2020, which saw $3.56 billion in damages.

Dmitry Tarasyuk, Product Director at CORE3 and CER.live, commented to Cointelegraph that the increase in incidents, despite lower total damages, is due to reduced liquidity in the ecosystem available for attacks. He noted that Total Value Locked (TVL) dropped from $164 billion to approximately $73 billion. He also highlighted a gap between the pace of protocol development and the maturity of their risk management systems. Tarasyuk cited projects that use a "three of six" multisig scheme but store three keys on a single laptop as an example.

In May, developers of THORChain confirmed a hack of their cross-chain protocol amounting to $10 million. Following the incident, the THORChain team suspended protocol operations, making trading options, liquidity pool transactions, and other "sensitive" actions unavailable.

It is worth noting that on June 8, unknown attackers compromised wallets associated with the Humanity Protocol project, causing an estimated loss of $31 million.