SecurityMPCThreshold SignaturesCrypto Hacks

Q2 2026: The Most-Hacked Quarter in Crypto History — And What It Actually Means

By VultisigUpdated June 22, 2026

Q2 2026 just became the most-hacked quarter on record.

83 incidents. $755.3 million stolen. That's not a typo. According to analysis by Unfolded based on DefiLlama data, the second quarter of 2026 has already surpassed every previous quarter by incident count. And we're not done yet.

But here's the part that should make you pause: the record is for incident count, not dollars. The total stolen is actually down from the value record. That belongs to Q1 2025: roughly $1.64 billion in a single quarter, most of it the $1.5 billion Bybit hack. The attackers aren't necessarily stealing more. They're hitting more targets, more often, with surgical precision.

The landscape has shifted. And if you're still using a single-key wallet — hardware or hot — you're holding a target, not an asset.


What Actually Got Hit in Q2 2026

Let's look past the aggregate and at the mechanics. Because the pattern tells the real story.

Bridge exploits topped the list at $351 million. The KelpDAO hack — $293 million via a compromised LayerZero OFT bridge — accounted for over 38% of all stolen value this quarter alone. That's one exploit. One bridge. Almost $300 million.

Fake token price manipulation and admin-key compromise clocked in at 37% combined, almost all of it the single Drift Protocol exploit ($280 million).

Private key compromises made up just under 6% more.

Think about what these vectors have in common: single points of failure. One admin key with too much power. One bridge contract holding too much value. One private key sitting on one device.

Let's break it down.


The Three Attack Patterns That Keep Repeating

1. "We declared a 3-of-6 multisig and stored 3 keys on one laptop"

That's a direct quote from Dmytro Tarasiuk, product director at CORE3 and CER.live. It sounds absurd, but it's the reality of how many projects handle operational security.

A multisig alone doesn't fix the problem if the keyholders don't actually distribute the keys. If three of six keys sit on the same machine, you haven't eliminated the single point of failure — you've just given it a fancier name.

The Vultisig difference: Threshold signatures don't just require multiple parties. Each party holds a share, not a copy of a key. There's no "key" to steal. No seed phrase to leak. No admin key that, if compromised, drains the entire treasury.

Learn how this works: What Is a TSS Wallet?

2. Bridge exploits are getting worse, not better

Cross-chain bridges have been called the "weakest link in DeFi" for years. Q2 2026 proved it again. Taiko lost $1.7 million to a compromised chain state verification. THORChain lost $10.7 million to a bridge-level exploit. The list goes on.

Why do bridges keep getting hit? Because they concentrate risk. They hold enormous amounts of value in single contracts, controlled by — you guessed it — single admin keys or multisigs that aren't actually distributed.

The fix isn't better bridge code. The fix is architecture that doesn't need bridges to hold funds in the first place.

Vultisig vaults handle multi-chain natively. No bridge custody. No counterparty risk. Your Bitcoin, Ethereum, Solana, and 35+ other chains live in one vault, secured by the same threshold signing protocol.

See how we compare on custody: Vultisig vs Ledger: Why Hardware Wallets Aren't Enough

3. The "vulnerability apocalypse" is already here

Mitchell Amador, CEO of Immunefi, put it bluntly: new AI models have shifted cybersecurity in favor of attackers. He calls it a "vulnerability apocalypse." Hackers are now scanning codebases at machine speed, finding edge cases humans would miss, and exploiting them faster than teams can patch.

But here's the flip side Amador didn't emphasize: if the attackers got smarter, your defense needs to get architectural.

You can't patch your way out of a single-key compromise. You can't rotate a seed phrase after it's been photographed by malware. The protection needs to be baked into the design.

That's why Vultisig is seedless. No phrase to leak. No key to extract. The vault can't be drained from any single device — because no single device ever has the full signing power.

Read more on why seedless matters: Seedless Wallets: What They Are and Why the Category Is Splitting in Two


The Numbers That Matter More Than $755 Million

Let's put the quarter in context with the biggest incidents:

  • KelpDAO: $293M — LayerZero OFT bridge exploit
  • Drift Protocol: $280M — Fake token price manipulation
  • Humanity Protocol: $36M — North Korean-linked exploit
  • THORChain: $10.7M — Bridge-level vulnerability
  • Aztec Connect: $3.4M — Two exploits on abandoned smart contracts
  • Raydium: $1.3M — Admin key compromise
  • Taiko: $1.7M — Chain state verification breach

Seven incidents. $626.1 million. That's 83% of the quarter's total losses concentrated in seven hits.

The lesson: it's not about how many protocols get audited. It's about whether the architecture can be drained from one point of failure.

Where would a threshold-native model have changed the outcome? Be precise about it. Raydium's admin-key compromise and every private-key drain in the quarter are exactly the failure class threshold signing erases — there's no single key to steal, so a compromised laptop or leaked phrase signs nothing. The bridge and oracle exploits are contract-level bugs no wallet can patch for a protocol. But they're the reason a user holds assets natively across chains instead of locking them in a bridge contract: the custody risk those exploits feed on never has to exist in the first place.


What This Means for Regular Users

If you're not a protocol developer or a DeFi whale, you might be tempted to skip this story. Don't.

The same patterns hitting protocols are hitting individual wallets every day. Microsoft just disclosed malware that spreads via USB sticks and hijacks crypto wallets. The TrustedVolumes resolver exploit compromised 1inch-adjacent infrastructure. North Korean hackers are getting more sophisticated, not less.

The single-key model — whether it's a Ledger Nano, a MetaMask hot wallet, or a phone app — has one fundamental weakness: compromise one device, steal everything.

Contrast that with a threshold-native vault. With Vultisig, your vault requires 2 of 3 devices to sign any transaction. Even if one device gets infected, the malware can't move funds. It doesn't have enough "votes."

Think of it like a corporate check that needs two signatures. Except the signatures are cryptographic shares generated by independent devices, and the vault can hold any supported chain.

See how Vultisig compares to the wallets you might already use:


Building for an Era of Automated Attacks

The Immunefi CEO is right: AI-powered attackers move at machine speed. They don't sleep, don't miss patterns, and don't need to social-engineer every target — they can just scan and exploit at scale.

But there's another machine-speed story unfolding: the machine economy.

While hackers are automating exploits, AI agents are automating legitimate commerce. We're seeing Visa-powered virtual cards for AI agents (Alchemy), national ID frameworks for autonomous systems (Estonia), and USDC-settled businesses run entirely by prompts (Y Combinator's latest demo).

These agents will need wallets. And there's no version of that future where a single-key wallet makes sense.

An AI agent holding a private key is a honeypot. An AI agent managing a threshold-native vault is infrastructure.

That's why we're building an SDK, not just a consumer app. If you're shipping an AI agent that needs to hold, send, or sign anything on-chain, you need signing infrastructure that matches the threat model. Read the SDK docs.


FAQ

How is a threshold signature different from a regular multisig?

In a regular multisig, each party holds a complete key. In a threshold signature scheme (TSS), each party holds a mathematical share. No single share lets you sign alone. The result is a single signature that looks standard to the blockchain, but was produced cooperatively by multiple devices. Read the deep dive.

Does Vultisig support the chains I actually use?

Yes. Bitcoin, Ethereum, Solana, THORChain, and 35+ others. The same vault, same threshold signing, zero bridges. See the full chain list in our documentation.

What happens if one of my devices is lost or stolen?

Your vault remains secure. One device cannot sign alone. You can use the remaining devices to rotate the vault and replace the lost share. No need to move funds or create a new wallet. See our recovery guide.

Can developers build on Vultisig?

Yes. The Vultisig SDK handles vault creation, key generation, transaction building, and signing for any supported chain. Start here.

Isn't hardware more secure than a phone?

Not necessarily. Hardware wallets have one major weakness: the seed phrase. Once that phrase is exposed via malware, social engineering, or physical access, the hardware device becomes irrelevant. Vultisig removes the seed phrase entirely. Learn more.


The Bottom Line

$755 million in Q2 isn't a statistic. It's a pattern.

Bridges keep failing. Admin keys keep getting compromised. Seed phrases keep leaking. The attackers aren't getting lazier — they're getting systematic.

The projects that survive the next quarter won't be the ones with the most audits. They'll be the ones whose architecture makes the exploit impossible in the first place.

No single key. No seed phrase. No bridge custody. That's not a feature list. That's survival infrastructure.

Get the Vultisig app. Read the SDK docs. Build something they can't drain.