DeFiLlama reported crypto sector set new quarterly record with 83 security breaches and $775 million stolen in Q2 2026

According to DeFiLlama data, the second quarter of 2026 marked the worst three-month period on record for crypto security. As of June 22, approximately 83 security breaches were reported in the sector, doubling the previous quarterly high for attacks in the industry.

Total losses remain high, but below historical peak

The total value stolen throughout the quarter was estimated at around $775 million. While this figure is substantial, it still falls below the catastrophic losses seen in some previous quarters. The all-time dollar-loss record remains $3.56 billion from the fourth quarter of 2020.

Unfolded, known for compiling data and insights on the crypto market, highlighted that the challenging landscape this quarter was shaped by frequent, smaller-scale attacks rather than a few major hacks. The persistent flow of minor incidents created a heightened sense of insecurity within the sector.

Two incidents accounted for most of the damages

The majority of Q2’s losses stemmed from just two major events: KelpDAO suffered a $293 million theft and Drift Protocol was hit for $280 million. These two breaches alone made up over three-quarters of the total funds stolen during the period.

Both attacks occurred in April. CertiK confirmed that the month saw record losses for the industry with $651 million stolen across 28 to 30 separate attacks.

Mini glossary: A cross-chain bridge is an infrastructure enabling asset transfers between different blockchain networks. OFT (Omnichain Fungible Token) is a standard used in the LayerZero ecosystem, allowing tokens to function seamlessly across multiple blockchains.

Cross-chain bridge vulnerabilities topped the list as the most costly attack vector. In the second quarter, breaches associated with these bridges led to around $351 million in thefts. The LayerZero OFT bridge exploited in the KelpDAO case alone accounted for more than 38% of the quarter’s losses. Compromised admin credentials and fake token price manipulations contributed 37% of damages, while private key theft was responsible for roughly 5.7% of losses.

High frequency of attacks spread across months

Monthly reports from CertiK show 58 incidents in April, 60 in May, and 25 in June so far. Despite more than a week remaining in June, the string of breaches has continued. While May registered the highest number of cases at 60, total losses for that month were just $68.3 million, confirming a trend toward more frequent but less costly hacks.

June also saw significant events: On June 8, $32 million was stolen from Humanity Protocol due to a private key compromise. Aztec Connect’s deprecated smart contracts were targeted twice in one week—$2.19 million was stolen on June 14, followed by another $2 million loss on June 17. Meanwhile, Taiko confirmed on June 22 that its bridge validation mechanism was exploited for $1.7 million. On June 10, decentralized exchange Raydium lost $1.34 million in a counterfeit LP mint attack.

Deprecated contracts become new targets

Smart contracts that development teams had previously abandoned are now being revisited, not for technical upgrades, but because of lingering security flaws. The Aztec incidents underscored that even long-dormant products remain attractive targets for hackers.

In a similar episode, an old vault linked to Thetanuts Finance was drained of $2.1 million on June 15. Security researcher Blockful.eth emphasized that multiple attacks have targeted dormant contracts housing millions in stagnant funds.

CertiK figures show that total accumulated crypto losses from January through the end of May 2026 reached approximately $1.3 billion, with June’s incidents adding to this sum. The data reveal a shift from the massive, single-point bridge or exchange hacks of past years, toward more frequent breaches targeting admin access, bridge infrastructure, and abandoned codebases.

The post DeFiLlama reported crypto sector set new quarterly record with 83 security breaches and $775 million stolen in Q2 2026 appeared first on COINTURK NEWS.