{"id":73970,"date":"2026-06-13T13:07:42","date_gmt":"2026-06-13T13:07:42","guid":{"rendered":"https:\/\/crowdfundjunction.com\/blog\/q2-2026-has-been-cryptos-most-hacked-quarter-on-record-with-nearly-70-exploits\/"},"modified":"2026-06-13T13:07:42","modified_gmt":"2026-06-13T13:07:42","slug":"q2-2026-has-been-cryptos-most-hacked-quarter-on-record-with-nearly-70-exploits","status":"publish","type":"post","link":"https:\/\/crowdfundjunction.com\/blog\/q2-2026-has-been-cryptos-most-hacked-quarter-on-record-with-nearly-70-exploits\/","title":{"rendered":"Q2 2026 Has Been Crypto&#8217;s Most-Hacked Quarter on Record With Nearly 70 Exploits"},"content":{"rendered":"<p><b>(Originally posted on : Bitcoin News )<\/b><br \/>\n<\/p>\n<div>\n<p><span style=\"font-weight:400\"><\/p>\n<div class=\"@container mb-[25px] rounded-sm overflow-clip py-0.5 pr-0.5 pl-2.5 bg-success-100\">\n<div class=\"flex flex-col gap-m overflow-clip rounded-[6px] !bg-success-10 p-3 @[420px]:p-m\">\n<h2 class=\"m-0 flex items-center gap-s text-[19px] !text-[#1c1c1c] md:text-[20px]\"><svg xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"16\" height=\"10\" viewbox=\"0 0 16 10\" fill=\"none\" class=\"shrink-0 text-success-100\" aria-hidden=\"true\"><path d=\"M1 1.5h14\" stroke=\"currentColor\" stroke-width=\"2.5\" stroke-linecap=\"round\"\/><path d=\"M1 8.5h10\" stroke=\"currentColor\" stroke-width=\"2.5\" stroke-linecap=\"round\"\/><\/svg><span>Key Takeaways<\/span><\/h2>\n<ul class=\"m-0 flex list-none flex-col gap-m pl-0\">\n<li class=\"m-0 flex items-start gap-s !text-[#434248]\"><span class=\"mt-2 size-2 shrink-0 rounded-full bg-success-100\" aria-hidden=\"true\"\/><span class=\"text-body\">Defillama logged about 70 hacks during Q2 2026, roughly double the prior record for incident count.<\/span><\/li>\n<li class=\"m-0 flex items-start gap-s !text-[#434248]\"><span class=\"mt-2 size-2 shrink-0 rounded-full bg-success-100\" aria-hidden=\"true\"\/><span class=\"text-body\">Despite the volume, the $746M stolen trails past peaks, signaling a shift to smaller, more frequent attacks.<\/span><\/li>\n<li class=\"m-0 flex items-start gap-s !text-[#434248]\"><span class=\"mt-2 size-2 shrink-0 rounded-full bg-success-100\" aria-hidden=\"true\"\/><span class=\"text-body\">April 2026 alone saw 30 incidents and over $625M lost, led by the Drift Protocol exploit and KelpDAO breach.<\/span><\/li>\n<\/ul>\n<\/div>\n<\/div>\n<p><\/span><\/p>\n<h2><span style=\"font-weight:400\">A Record Built on Many Small Hits<\/span><\/h2>\n<p><span style=\"font-weight:400\">The second quarter of 2026 is already the <\/span><a href=\"https:\/\/twitter.com\/DefiLlama\/status\/2065229789837832494\" target=\"_blank\" rel=\"noopener noreferrer\"><span style=\"font-weight:400\">most-hacked quarter on record<\/span><\/a><span style=\"font-weight:400\">, tallying about 70 hacks, which is roughly twice the previous record for the number of incidents in a single quarter. Yet the total sum stolen, about $746 million, is a fraction of the peak reached in recent years. On the subject, D<\/span><span style=\"font-weight:400\">efillama analysts noted:<\/span><\/p>\n<blockquote>\n<p><span style=\"font-weight:400\">\u201cRather than a few giga exploits, it\u2019s been a <\/span><span style=\"font-weight:400\">constant stream of smaller attacks<\/span><span style=\"font-weight:400\">.\u201d<\/span><\/p>\n<\/blockquote>\n<p><span style=\"font-weight:400\">That pattern marks a departure from the mega-heists that defined earlier years, when a handful of nine-figure bridge and protocol exploits drove annual totals. Attackers seem to be spreading their efforts across many lower-value targets rather than chasing single, headline-grabbing scores (a strategy that is harder for the industry to track and defend against).<\/span><\/p>\n<figure id=\"attachment_822286\" aria-describedby=\"caption-attachment-822286\" style=\"width:2560px\" class=\"wp-caption aligncenter\"><figcaption id=\"caption-attachment-822286\" class=\"wp-caption-text\">Q2 2026 has already become the most-hacked quarter on record with 70 incidents (2X the record), per Defillama<\/figcaption><\/figure>\n<p><span style=\"font-weight:400\">The quarter\u2019s damage was front-loaded, with April being confirmed as <span>crypto<\/span>\u2019s <\/span><a href=\"https:\/\/news.bitcoin.com\/defillama-confirms-april-2026-as-cryptos-most-hacked-month-with-30-incidents\/\"><span style=\"font-weight:400\">most-hacked month on record<\/span><\/a><span style=\"font-weight:400\">, with about 30 incidents and more than $625 million stolen. Two breaches dominated, namely Drift Protocol\u2019s $285 million losses on April 1, and KelpDAO $293 hack on April 18 (together about 93% of April\u2019s outflows). The remaining two dozen-plus incidents mostly came in under $5 million, many below $1 million.<\/span><\/p>\n<p><span style=\"font-weight:400\">The monthly pace stayed elevated through May as roughly 14 <span>decentralized finance<\/span> ( <a href=\"http:\/\/www.bitcoin.com\/get-started\/what-is-defi-decentralized-finance\/\" class=\"lar_link lar_link_outgoing\" target=\"_blank\" rel=\"noopener noreferrer\">DeFi<\/a>) protocols were hit during the month, of which about eight were bridge-related, with collective losses near $28 million. By the end of May, cumulative <a href=\"http:\/\/www.bitcoin.com\/get-started\/what-is-defi-decentralized-finance\/\" class=\"lar_link lar_link_outgoing\" target=\"_blank\" rel=\"noopener noreferrer\">DeFi<\/a> losses for 2026 had topped $840 million across more than 50 incidents in five months, versus about 30 over the same span in 2025, a roughly 70% year-over-year jump in frequency.<\/span><\/p>\n<h2><span style=\"font-weight:400\">Bridges and Stolen Keys in Focus<\/span><\/h2>\n<p><span style=\"font-weight:400\">The repeated break-ins pointed to two recurring weak spots. Cross-chain bridges, which lock assets on one network and mint equivalents on another, remained a favored target because a single flaw can expose pooled funds. Similarly, security analysts flagged a broader pivot from code exploits to key theft, as attackers increasingly used social engineering and phishing to capture <a href=\"http:\/\/www.bitcoin.com\/get-started\/what-is-a-private-key\/\" class=\"lar_link lar_link_outgoing\" target=\"_blank\" rel=\"noopener noreferrer\">private keys<\/a> rather than hunt for smart-contract bugs.<\/span><\/p>\n<p><span style=\"font-weight:400\">That evolution has been visible over a longer horizon, given <a href=\"http:\/\/www.bitcoin.com\/get-started\/a-quick-introduction-to-crypto\/\" class=\"lar_link lar_link_outgoing\" target=\"_blank\" rel=\"noopener noreferrer\">crypto<\/a> hacks have <\/span><span style=\"font-weight:400\">topped $17 billion<\/span><span style=\"font-weight:400\"> over the past decade, with the attack surface steadily moving from protocol code toward the humans and operational systems around it. The first quarter of 2026 had already set a grim baseline, with about <\/span><span style=\"font-weight:400\">$169 million<\/span><span style=\"font-weight:400\"> stolen across 34 protocols.<\/span><\/p>\n<p><span style=\"font-weight:400\">With the quarter not even done, the final tally could climb further. Auditors warn the sector is running close to one attack per day, and the steady drip of mid-sized exploits keeps pressure on bridges, key management and incident response. <\/span><\/p>\n<p><span style=\"font-weight:400\">The data offers one sliver of relief, which is that smaller average losses suggest better segmentation of funds, even as the sheer number of successful attacks hits a record. Whether protocols can slow the cadence and not just cap the damage will define the rest of 2026.<\/span><\/p>\n<\/p><\/div>\n<p><script async src=\"\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><br \/>\n<br \/><a href=\"https:\/\/news.bitcoin.com\/defillama-q2-2026-has-been-cryptos-most-hacked-quarter-on-record-with-nearly-70-exploits\/\">Source link <\/a><br \/>\n<br \/><\/p>\n","protected":false},"excerpt":{"rendered":"<p>(Originally posted on : Bitcoin News ) Key Takeaways Defillama logged about 70 hacks during Q2 2026, roughly double the prior record for incident count. Despite the volume, the $746M stolen trails past peaks, signaling a shift to smaller, more frequent attacks. April 2026 alone saw 30 incidents and over $625M lost, led by the [&hellip;]<\/p>\n","protected":false},"author":3947362404,"featured_media":73971,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"om_disable_all_campaigns":false,"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0},"categories":[32],"tags":[],"_links":{"self":[{"href":"https:\/\/crowdfundjunction.com\/blog\/wp-json\/wp\/v2\/posts\/73970"}],"collection":[{"href":"https:\/\/crowdfundjunction.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/crowdfundjunction.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/crowdfundjunction.com\/blog\/wp-json\/wp\/v2\/users\/3947362404"}],"replies":[{"embeddable":true,"href":"https:\/\/crowdfundjunction.com\/blog\/wp-json\/wp\/v2\/comments?post=73970"}],"version-history":[{"count":0,"href":"https:\/\/crowdfundjunction.com\/blog\/wp-json\/wp\/v2\/posts\/73970\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/crowdfundjunction.com\/blog\/wp-json\/wp\/v2\/media\/73971"}],"wp:attachment":[{"href":"https:\/\/crowdfundjunction.com\/blog\/wp-json\/wp\/v2\/media?parent=73970"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/crowdfundjunction.com\/blog\/wp-json\/wp\/v2\/categories?post=73970"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/crowdfundjunction.com\/blog\/wp-json\/wp\/v2\/tags?post=73970"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}