The cryptocurrency industry faced a severe security crisis in March 2026, with losses from hacks nearly doubling to $52 million. A new “shadow contagion” effect is spreading the damage to unrelated DeFi protocols. The situation worsened dramatically in April, with a single incident on Solana resulting in a $285 million theft.
Data identified 20 separate crypto exploits in March, amounting to $52 million in losses. This marked a 96% increase over the $26.5 million stolen in February.
Security researchers noted that these attacks are now triggering a “shadow contagion” beyond the initial losses. A single breach can destabilize lending markets and create bad debt for protocols not directly compromised.
The largest March incident involved ResolvLabs, where attackers exploited an AWS key vulnerability to mint 80 million USR tokens. The $25 million breach caused bad debt across other protocols like Morphoblue, Euler, and Fluid.
In another case, a hacker bypassed a supply cap on Venus Protocol to borrow nearly $15 million. While initially reported as a $3.7 million exploit, on-chain investigations show the attacker lost over $4 million while creating $2.18 million in bad debt.
Other major exploits included a $24 million heist from online personality Sillytuna involving physical coercion. A separate social engineering attack resulted in the theft of $18 million worth of ETH from a Kraken user.
Additional data shows further March exploits on platforms like Cyrus Finance, which lost $5 million, and Solv on Bitcoin, which lost $2.7 million.
April began disastrously with a scheme hatched in March resulting in a $285 million loss from Drift Protocol, a perpetual futures exchange on Solana. In the aftermath, blockchain investigator ZachXBT called out stablecoin issuer Circle over perceived inaction as the attacker bridged millions in USDC.
