Key facts
- The second quarter of 2026 recorded 83 cryptocurrency hacks, the highest number in a single quarter.
- A total of $755.3 million was stolen across these 83 incidents.
- Cross-chain bridges were the most costly attack vector, with $351 million lost.
- The KelpDAO hack, valued at $293 million, was the largest incident of the quarter.
- The development of new AI models is suggested to have shifted the cybersecurity landscape in favor of attackers.
The second quarter of 2026 has set a new record for the number of cryptocurrency hacks, with 83 security incidents reported. These exploits collectively resulted in $755.3 million in stolen assets, according to an analysis by Unfolded using DefiLlama data. While the incident count is the highest on record, the total value lost is considerably lower than the $3.56 billion recorded in the fourth quarter of 2020, which remains the costliest quarter for crypto hacks.
Cross-chain bridges were identified as the most significant attack vector during Q2 2026, with hackers stealing $351 million specifically from these protocols. The exploit of the LayerZero OFT bridge, which led to the $293 million KelpDAO hack, accounted for over 38% of the quarter's total losses. Other attack methods included compromised admin actions and fake token price manipulation, which together represented 37% of the losses, while private key compromises accounted for 5.66% of the total value stolen.
Notable incidents contributing to the quarterly figures include the $293 million hack of KelpDAO and the $280 million exploit of Drift Protocol. The Ethereum layer-2 blockchain Taiko also experienced a $1.7 million theft through its bridge protocol by compromising its chain state verification mechanism. Other recent incidents include a $36 million loss from Humanity Protocol and a $10.7 million exploit on THORChain. Additionally, two separate exploits on Aztec Connect’s abandoned smart contracts each resulted in $2.1 million stolen, and the decentralized exchange Raydium lost $1.3 million earlier in June.
Mitchell Amador, CEO of the bug bounty platform Immunefi, suggested that the increasing frequency of exploits may be linked to the proliferation of new artificial intelligence models. He stated that AI has shifted the cybersecurity landscape in favor of attackers, leading to what he described as a "vulnerability apocalypse."