Crypto hackers steal $1.08B in 68 incidents in 2026 so far, Protos says

Crypto hacking has kept an unusually steady rhythm. Protos reports that in 2026 alone, $1.08 billion has been stolen in at least 68 incidents.

Protos says three major thefts drive “the vast majority of the losses,” and that two of those large incidents landed in April. Protos also calls April a brutal month, citing 30 incidents so far, which works out to more than one a day.

Protos’ report adds texture from the week it was published. It lists 13 individual losses identified by Protos, including three occurring on the same day as the article. Protos notes that while many of these were lower-value events, they still totaled over $11 million.

Protos says it has maintained a catalogue of crypto hacks on its site, covering 2026 so far with a generally applied $100,000 loss cutoff. Protos points readers to the “Live” section for the hack tracker.

Security firms struggle as threats evolve

Even specialists are feeling the pressure. Protos reports that team members from Alchemix, Trading Strategy, and Yearn Finance criticized Peckshield on Wednesday. Their complaint, as Protos frames it, was that Peckshield’s “reckless” alerts implied their products were to blame for losses tied to insecure third-party contracts.

Protos also highlights that experts can get targeted too. CertiK business development manager Mitchell Amador, according to Protos, warned on X that his Telegram account was hijacked by scammers. Protos says the scammers used “fake meeting links” to distribute malware.

AI, visibility, and where the money goes

Protos frames widespread AI use as a factor in the recent perceived uptick in hacks. It cites the view that AI-powered tools help find and exploit vulnerabilities, and that AI also increases researchers’ ability to spot relevant transactions amid blockchain noise.

The report doesn’t treat the spike as purely real-world growth. Protos says the near-constant incident flow could reflect either increased activity or increased visibility.

Protos adds sector-level context from Pigi Finance, which analyzed five years of hacks and estimates that 3.37% of DeFi assets are lost per year in protocol exploits. Protos emphasizes that Pigi Finance’s figure excludes bridge hacks, CEX collapses, wallet drains, and phishing, focusing on “pure protocol-level risk.”

Finally, Protos points to a shift in target selection. It says ImmuneFi’s Mitchell Amador argued that “protocol security has improved dramatically.” Protos also says April’s two largest losses, Drift Protocol’s $280 million and Kelp DAO’s $290 million, were not described as smart contract exploits. Protos concludes that while protocol attacks still exist, recent big payouts increasingly involve long-term social engineering and spear-phishing aimed at compromising privileged machines.