Q2 2026 has shattered records for the number of cryptocurrency hacks, with 83 separate incidents recorded through mid-June, according to DeFiLlama data analyzed by Unfolded. This figure roughly doubles the previous quarterly record and makes it the most active period for crypto attackers ever documented.
Despite the unprecedented frequency, total losses remain relatively contained at approximately $755.3 million. This stands in stark contrast to the $3.56 billion stolen in Q4 2020 and the single $1.4 billion Bybit breach of February 2025. The data reveals a fundamental shift in attack patterns: cybercriminals are now opting for a constant stream of smaller exploits rather than isolated mega-heists.
The two largest incidents—the $293 million exploit of KelpDAO and the $280 million breach of Drift Protocol—accounted for over three-quarters of the quarter’s losses. Cross-chain bridges emerged as the most vulnerable target, with bridge-related attacks resulting in roughly $351 million in losses. The LayerZero OFT bridge vulnerability exploited in the KelpDAO case alone represented 38% of Q2 stolen funds. Compromised administrator accounts and fake token price manipulation schemes caused another 37% of losses, while private key compromises contributed 5.66%.
Other notable incidents include a $36 million theft from Humanity Protocol, two separate $2.1 million attacks on abandoned Aztec Connect smart contracts, and a $1.3 million exploit on decentralized exchange Raydium. The surge in attacks has raised concerns that advances in AI are enabling attackers to target administrators, multisig wallets, and bridge infrastructure rather than just code vulnerabilities, expanding the attack surface even as protocols become more sophisticated.
For the industry, the Q2 2026 figures signal a troubling trend: instead of preparing for the rare billion-dollar incident, protocols and investors may now face a near-constant barrage of smaller breaches, raising urgent questions about whether existing security practices can keep pace.
