⚡ BREAKINGCryptoSearcher
LIVE
Breaking News · Latest Updates · Live Coverage·Top Stories · Analysis · Opinion·Breaking News · Latest Updates · Live Coverage·Top Stories · Analysis · Opinion
Crypto

Crypto Industry Bleeds $75.87 Million Across 40 Security Breaches in June 2026

Crypto platforms lost $75.87 million to 40 hacking incidents in June 2026, with Humanity Protocol's $30 million breach topping the list, according to PeckShield. Deprecated smart contracts and cross-chain laundering were key themes of the month.

CryptoSearcher|
Crypto Industry Bleeds $75.87 Million Across 40 Security Breaches in June 2026

The cryptocurrency sector suffered significant financial damage in June 2026, with hackers successfully extracting approximately $75.87 million across 40 separate incidents, according to data compiled by blockchain security firm PeckShield. While the figure represents a 7.13% decrease compared to May's $81.7 million in losses, the monthly tally underscores persistent vulnerabilities in the industry — particularly around bridges, smart contract logic, and private key management.

The single largest incident of the month involved Humanity Protocol, which sustained losses exceeding $30 million after attackers gained access to private keys stored on a developer machine compromised by malware. Security researchers at Quantstamp noted that the tools and tactics employed in the attack bear strong resemblance to methods typically associated with North Korean state-sponsored hacking groups. Following the theft, the perpetrators laundered stolen assets across multiple blockchain networks, including Bitcoin (BTC), Solana (SOL), Hyperliquid (HYPE), and BNB Chain. Quantstamp also flagged that the laundered funds appear to have been mixed with proceeds from the KelpDAO exploit, raising the possibility that the same threat actors were responsible for both incidents.

The second-largest breach of the month hit Syscoin Bridge, where an attacker managed to mint unauthorized SYS tokens, resulting in a $10 million loss. A MEV (Maximal Extractable Value) bot operated under the pseudonym JaredFromSubway.eth was drained of $7.5 million, while Secret Network experienced a $4.67 million loss following a separate attack.

Among the more unusual incidents were two attacks targeting Aztec-linked products that had already been officially retired. Aztec Payments Product lost approximately $2.16 million, and Aztec Connect suffered a $2.1 million drain, bringing combined losses from these two incidents close to $4.3 million. Aztec Labs publicly confirmed it no longer had any control over the affected systems, as both products had been deprecated years prior — one as far back as 2022. The attacks serve as a stark reminder that immutable smart contracts can remain accessible and exploitable even after development teams have abandoned them.

Other notable incidents included a phishing campaign targeting Polymarket users, which resulted in roughly $3 million in losses, as well as $2.4 million in combined losses affecting SecondFi and TESSERA. The Taiko Bridge exploit rounded out the top ten incidents, accounting for an additional $1.7 million in stolen funds.

June's security landscape painted a concerning picture for the broader crypto ecosystem. The month demonstrated that attackers are increasingly willing to target deprecated infrastructure alongside active protocols, leveraging cross-chain laundering techniques to obscure the movement of stolen assets. Legacy contracts left running without active oversight continue to represent an underappreciated attack surface — one that bad actors appear more than willing to exploit long after development teams have moved on.

Read Also