Q2 2026 saw 83 crypto hacks, $755M stolen
Q2 2026 recorded 83 cryptocurrency incidents and $755.3 million stolen, led by a $293 million KelpDAO breach and a $280 million exploit of Drift Protocol.
The second quarter of 2026 recorded 83 cryptocurrency incidents and $755.3 million stolen, the highest quarterly incident count on record, according to analysis by market insights platform Unfolded using DefiLlama data. The two largest losses were a $293 million breach at KelpDAO and a $280 million exploit of Drift Protocol.
Cross-chain bridge exploits accounted for about $351 million of the quarter’s losses. The LayerZero OFT bridge exploit that led to the KelpDAO theft represented more than 38% of the quarter’s total stolen value. Compromised administrative access and fake token price manipulation together made up roughly 37% of losses, while private key compromises represented about 5.66%.
Other notable incidents included the June 8 loss of roughly $36 million from Humanity Protocol and a $10.7 million theft from THORChain on May 15. Ethereum layer-2 chain Taiko experienced a bridge-related attack that targeted its chain state verification mechanism, costing about $1.7 million. Two exploits tied to abandoned Aztec Connect contracts each removed about $2.1 million, and the Raydium decentralized exchange reported a $1.3 million theft in early June.
The quarter’s $755.3 million in losses is below the costliest quarter on record, the fourth quarter of 2020, when approximately $3.56 billion was stolen.
Mitchell Amador, chief executive of bug bounty platform Immunefi, characterized the spread of new artificial intelligence models as producing a “vulnerability apocalypse” and linked automated tooling and code-generation capabilities in AI to faster identification and weaponization of weaknesses by attackers.
Unfolded and DefiLlama will continue updating their tallies while investigators and on-chain analytics firms trace stolen funds and attempt recoveries. Affected protocols report ongoing work to patch vulnerabilities and strengthen operational controls. Developers and security teams are using audits, multisignature wallets, timelocks and larger bug bounties. Some advocate for standardized bridge designs and stronger verification mechanisms at the protocol level to reduce single points of failure.
The material on GNcrypto is intended solely for informational use and must not be regarded as financial advice. We make every effort to keep the content accurate and current, but we cannot warrant its precision, completeness, or reliability. GNcrypto does not take responsibility for any mistakes, omissions, or financial losses resulting from reliance on this information. Any actions you take based on this content are done at your own risk. Always conduct independent research and seek guidance from a qualified specialist. For further details, please review our Terms, Privacy Policy and Disclaimers.







