The second quarter of 2026 has already become the most-hacked quarter on record by incident count, with 83 exploits targeting cryptocurrency protocols, according to analysis by market insights platform Unfolded based on DefiLlama data. However, the $755.3 million stolen during the quarter so far is significantly lower than the $3.56 billion lost in the fourth quarter of 2020, which remains the costliest quarter on record for crypto hacks.

KelpDAO’s $293 million hack and Drift Protocol’s $280 million exploit were the largest incidents of the quarter. These significant breaches signal a shift in the landscape of crypto hacks, where although the frequency of incidents has increased, the total monetary losses have not reached previous peaks. This suggests a new pattern in the world of crypto security: more frequent but less financially damaging attacks.

The figures suggest hacking activity is becoming more frequent, even as total losses remain below previous record levels. Cryptocurrency hacks by monthly sum, all-time chart. The rising incident count and lower aggregate losses may reflect a smaller pool of value available to attackers, according to Dmytro Tarasiuk, product director at risk intelligence platform CORE3 and crypto security rating platform CER.live. He noted that total value locked in DeFi has fallen from $164 billion before the Oct. 10 liquidation event to about $73 billion at press time.

The industry's most pressing vulnerability remains that protocols are re-engineered faster than their underlying risk management complexity, which often means that projects "declare a [three-of-six] multisig [and] store [three] keys on one laptop," leading to more operational vulnerabilities. This rapid evolution of protocols without a corresponding maturation in security measures is leaving many systems open to new forms of exploitation.

Bridge exploits emerged as the leading attack vector in Q2 2026. Cross-chain bridge exploits emerged as the biggest attack vector of the quarter, with $351 million in value hacked from bridges alone. The LayerZero OFT bridge exploit, which led to the $293 million KelpDAO hack, accounted for more than 38% of the value stolen during the quarter. This indicates a significant portion of the stolen funds can be traced back to vulnerabilities in bridge protocols, underscoring the critical need for improved security measures in these systems.

Compromised admin attacks and fake token price manipulation accounted for 37% of losses, while private key compromises represented 5.66%. Total hacked by technique in Q2 2026. This diversification in attack techniques reveals a broad array of vulnerabilities within the crypto ecosystem that attackers are exploiting. Each technique requires different defensive strategies, complicating the security landscape for crypto protocols.

More from Coin Times

MARKETS

Secret Network exploited for $4.67M — Axelar-wrapped assets unbacked

$4.

Ethereum layer-2 blockchain Taiko was the latest network to suffer an exploit on one of its bridge protocols, as hackers stole $1.7 million by compromising Taiko’s chain state verification mechanism. Related: Humanity Protocol’s $36M loss tied to suspected North Korean hackers: Quantstamp. Other notable incidents of the past quarter include the $36 million stolen from Humanity Protocol on June 8 and the $10.7 million exploit on THORChain on May 15.

Other recent incidents include two exploits on Aztec Connect’s abandoned smart contracts, each resulting in $2.1 million stolen, and $1.3 million stolen from decentralized exchange Raydium earlier in June. These incidents highlight a persistent issue in the crypto space: the risk associated with abandoned projects and the lag in updating security protocols. The existence of vulnerabilities in older or less-maintained systems presents ongoing challenges for security teams across the industry.

The incidents add to the ongoing debate about whether the development of new artificial intelligence models has reshaped the crypto industry's security landscape, concerns that arose from the series of exploits in April. During a recent interview, Mitchell Amador, the CEO of bug bounty platform Immunefi, told Cointelegraph that the proliferation of new AI models has shifted the cybersecurity playing field in favor of attackers, causing a “vulnerability apocalypse” that led to the resurgence in exploits.

This integration of AI into hacking strategies presents a double-edged sword. On one hand, AI can be used to fortify security measures, identifying and mitigating threats faster than traditional methods. On the other hand, AI's capabilities can be harnessed by malicious actors to discover new vulnerabilities and execute attacks with increased precision and speed. This duality emphasizes the need for continuous innovation and vigilance in the cybersecurity domain.

Cointelegraph is committed to independent, transparent journalism. This news article is produced in accordance with Cointelegraph’s Editorial Policy and aims to provide accurate and timely information. Readers are encouraged to verify information independently. With the fast-paced changes in the crypto world, staying informed and aware of new developments and potential vulnerabilities is more crucial than ever for stakeholders in the crypto space.