Q2 2026 Sets Record for Crypto Hacks Despite Lower Losses

Q2 2026 has set the record for the quarter with the most crypto-related hacks, with 83 separate exploits documented across the ecosystem. Despite the record-setting figures, the total losses during the quarter stand at only $755 million, far less than other quarters with fewer hacking incidents.

A surge in hacking incidents for crypto

According to a report by Unfolded, 83 protocols recorded security breaches, setting a new quarterly record for the industry in terms of frequency. Q2 2026 overtook the previous record set during the 2024 exploit wave, which recorded roughly 72 hacking and fraud incidents across the sectors.

While Q2 2026 holds the record for most exploits, the figures pilfered by bad actors pale in comparison to previous quarters. For context, Q2 2026 logged total losses of $755.3 million, significantly less than the $3.56 billion stolen by hackers in Q4 2026.

Source: DeFiLlama 

“The total amount hacked is a fraction of the previous peaks,” wrote Unfolded on X. “Rather than a few giga exploits, it’s been a constant stream of smaller attacks.”

Experts say the dip in the value of losses and the spike in exploit incidents is linked to the decline in available funds in cryptocurrency projects. As the cryptocurrency ecosystem navigates an extended bearishness, TVL in protocols has fallen, with the global cryptocurrency market capitalization sliding to $2.16 trillion from highs of nearly $4 trillion.

The surge in crypto hacks during the quarter has ties to the rapid advancement of artificial intelligence. Already, Anthropic shuttered its Fable model over fears that foreign entities can use it to discover and exploit software vulnerabilities.

Meanwhile, Curve Finance founder Michael Egorov disclosed that AI can shift the odds in favor of projects from “reactive security to proactive protection,” helping them find the bugs before bad actors.

A streak of high-profile exploits rocked the ecosystem

Among the flurry of attacks, several exploits grabbed the headlines for their scale and the ripple effect they created. Right off the bat, KelpDAO and Drift Protocol topped the leaderboard for losses recorded, losing $293 million and $280 million, respectively.

Zooming out, a bird’s-eye view reveals that bridge vulnerabilities remain hackers’ preferred entry point. Over half of the quarterly losses, around $351 million in value, were the result of bridge-related exploits, underscoring an area for protocols to beef up their defenses.

Yesterday, Ethereum L2 Taiko halted block production after suffering a $1.7 million exploit, extending the streak of hacking incidents. Hours before the Taiko incident, an Ethereum sandwich bot lost over $7.5 million after bad actors launched a coordinated attack at its MEV trading strategy.

Previously, Q2 saw Humanity Protocol lose over $30 million at the start of June while THORChain bled $10 million, with both exploits indicating an array of attack methods available to bad actors.