⚡ BREAKINGCryptoSearcher
LIVE
Breaking News · Latest Updates · Live Coverage·Top Stories · Analysis · Opinion·Breaking News · Latest Updates · Live Coverage·Top Stories · Analysis · Opinion
Security

Blockchain Breaches Reach All-Time Six-Month High With 207 Incidents in Early 2026

TRM Labs recorded 207 crypto hacks in H1 2026 — the most ever in a six-month span — with $972 million stolen, nearly half the losses seen in H1 2025. North Korea-linked actors accounted for 66% of stolen funds, while DeFi TVL dropped to a two-year low of $70 billion.

CryptoSearcher|
Blockchain Breaches Reach All-Time Six-Month High With 207 Incidents in Early 2026

A total of 207 cryptocurrency hacks were recorded in the first half of 2026, the highest number of incidents ever documented in a single six-month period, according to a report by blockchain security firm TRM Labs. Despite the record incident count, total stolen value reached $972 million as of June — less than half of the approximately $2.3 billion lost during the same period in 2025.

The majority of attacks were concentrated in Q2 2026, which accounted for 126 of the 207 incidents. Among the most notable exploits during the quarter were breaches involving KelpDAO, Humanity, and Rhea Lend. By comparison, only 85 hacks were reported in H1 2025, meaning the first half of 2026 saw more than double the incident volume year-over-year.

Smart contract exploits were the leading attack vector, responsible for 125 of the 207 breaches — a 60% share of all incidents. However, TRM Labs global head of policy Ari Redbord noted that the most financially damaging attacks stemmed from infrastructure failures rather than code vulnerabilities. According to Redbord, three-quarters of all stolen value came from compromises of private keys, custody systems, and signing infrastructure. He stated that while the industry has improved at auditing code, operational security has not kept pace with on-chain complexity.

North Korea-linked threat actors were responsible for an outsized share of stolen funds. The TRM Labs report attributed 66% of total stolen crypto — approximately $643 million — to entities connected to North Korea. By the end of Q2 2026, that share had reached over 75% before being diluted to 66% as activity from other threat actors increased through the end of the period.

The DeFi sector bore the heaviest impact from the surge in attacks. The KelpDAO breach, the largest single incident at $293 million, involved an attacker using fake tokens as collateral on the Aave lending protocol to borrow $190 million in legitimate assets, including wETH. The exploit triggered a sudden liquidity crunch and a bank run on Aave, with pools reaching full utilization and preventing some depositors from withdrawing their funds.

Broader DeFi security concerns, compounded by bearish market sentiment, contributed to $55 billion in capital outflows from the DeFi sector during H1 2026. Total value locked across DeFi protocols fell to $70 billion at the time of reporting — a two-year low — down from $120 billion seen earlier in the year, according to data from DeFiLlama.

The findings underscore a divergence between the frequency of attacks and the financial losses they generate. While the number of incidents more than doubled compared to the prior year, the stolen value remained below $1 billion for the half-year period, suggesting that individual exploits were, on average, smaller in scale than those recorded in 2025.

Read Also