The total value of all cross-chain bridge exploits in 2026 has exceeded $328 million in eight distinct incidents. These losses occur as crypto hackers’ attacks against interoperability protocols for transferring assets between different blockchain networks have increased.
Crypto Hackers Rake In $328 Million Via Cross-Chain Attacks
The updated numbers from PeckShield indicated that the crypto industry has lost $328.6 million due to cross-chain hacks. The most recent attack occurred on May 18 when the Verus-Ethereum Bridge suffered $11.4 million in losses. Moreover, on May 15, THORChain had already been hit with a second $10 million hack.
The biggest attack of the year thus far concerns KelpDAO and LayerZero. On April 18, crypto hackers syphoned off about $292 million from the KelpDAO’s rsETH route. The attackers were able to withdraw 116,500 rsETH from the Ethereum adapter of OFT without burning the tokens from their home chain.
Meanwhile, Chainalysis’ 1-1 RPC quorum review revealed that LayerZero’s setup made it possible for a single compromised node to validate fraudulent cross-chain messages. Later, KelpDAO shifted to the cross-chain token standard by Chainlink and took the blame for the infrastructure weakness.
Interesting News: Kenya Blockchain & Crypto Conference 2026: Top Exchanges Move To Expand Payments System
Other Crypto Hacks This Year
There were also a number of other attacks on bridge ecosystems listed in PeckShield’s latest incident tracker this year. ZetaChain suffered a loss of approximately $300,000 on April 27. In addition, crypto hackers targeted Hyperbridge, leading to the loss of $2.5 million on April 13. On April 7, Squid Router reported that it had suffered a $1 million incident.
The attacks made April the month with the highest number of exploits in the history of crypto. The industry suffered 30 unique hacks in the month, with an average of almost one attack occurring every day.
In addition, Drift Protocol faced a $280 million loss, becoming the largest exploit of April 2026. Earlier, the IoTeX.io Bridge lost around $8.8 million on Feb. 21, and CrossCurve lost $3 million on Feb. 1.
Cross-chain bridges serve as a top target for crypto hackers. It’s because these systems have massive pools of locked tokens and are dependent on a message verification system between blockchains. Thus, attackers are now targeting these validation mechanisms instead of attacking the underlying chains, according to security analysts.
Why It Matters For Africa’s Crypto Industry
The African Blockchain Developers Association took to LinkedIn to express its dismay over the KelpDAO exploit. They named it “the largest hack of 2026” and noted it “just sent shockwaves through the ecosystem”.
Further, the group said the incident wasn’t limited to any single protocol. To justify their point, they spotlighted how liquid restaking tokens are now the “money legos of DeFi”. These tokens aid in connecting lending, staking, and yield systems on various platforms. Hence, crypto hackers target such protocols and exploit their vulnerabilities.
The organisation also pointed out the overall ‘contagion’ impact of the exploit. Aave and SparkLend shut down markets related to their exposure to the token’s rsETH to prevent bad debt. Meanwhile, Pendle and Yearn paused their yield strategies when the risks around the token began to rise.
In Africa, the incident prompted concerns about the security of the infrastructure. Risks continue to grow as developers rely on cross-chain systems to move into the stablecoin space, remittances and decentralised finance.
Also Read: Telegram Wallet Adds Amharic Support as Crypto Adoption Expands in Ethiopia
