Crypto Hackers Steal $169M from 34 DeFi Protocols in Q1 2026

Crypto hackers stole over $168.6 million from 34 decentralized finance (DeFi) protocols in the first quarter of 2026, according to data from DefiLlama. The largest incident was the $40 million private key compromise of Step Finance in January, followed by a $26.4 million smart contract exploit of Truebit on January 8. Another significant attack targeted stablecoin issuer Resolv Labs on March 21.

Although these losses are substantial, they are markedly lower than the $1.58 billion stolen in Q1 2025, which included the $1.4 billion Bybit exploit. Experts caution that crypto hacks are not tied to specific calendar periods.

Evolving Threats in the Crypto Space

Nick Percoco, Chief Security Officer at Kraken, noted that attackers are drawn to areas with concentrated liquidity, such as bull markets, major product launches, and fast-growth phases. Threat actors range from highly coordinated groups to opportunistic hackers exploiting vulnerabilities in smart contracts and client-facing systems. North Korea linked actors continue to target Web3 infrastructure, including recent attacks on Drift Protocol.

Percoco emphasized that crypto security must be continuous, as attackers deliberately assess infrastructure, code, and operational gaps. Transparency in blockchain makes high-value, technically complex targets particularly attractive.

Disclaimer

This content is for informational purposes only and does not constitute financial, investment, or legal advice. Cryptocurrency trading involves risk and may result in financial loss.