Pray tell, what mischief has befallen the realm of digital coinage! Cross-chain bridges, those vaunted structures meant to convey assets betwixt blockchains, have suffered a most grievous fate, losing a staggering £328.6 million to ne’er-do-wells in the month of May 2026 alone.
-
Observations of Note:
- Peckshield, that vigilant sentinel of blockchain security, hath chronicled eight such exploits by mid-May, with the aforementioned sum pilfered from cross-chain protocols.
- April 2026, a month most foul, saw KelpDAO’s £300M Layerzero breach and Drift’s £200M+ calamity, rendering it the most hacked month in the annals of crypto, according to Defillama.
- The year 2026 hath already witnessed losses exceeding £750M by mid-April, with May’s Verus bridge debacle adding a further £11.5M to this lamentable tally.
Crypto’s Most Unfortunate Season of Cross-Chain Mischief
Peckshield, that bastion of blockchain security and data analytics, hath released a mid-May accounting of eight bridge-related exploits, which together have siphoned £328.6 million from cross-chain protocols thus far this year. This lamentable sum adds to what hath become the most trying period for decentralized finance (DeFi), while simultaneously laying bare a systemic frailty that the industry hath yet to remedy entirely.
Cross-chain bridges, those ingenious contraptions, operate by locking tokens on one blockchain and minting equivalent assets on another, thereby creating high-value targets where miscreants need only compromise the bridge’s verification mechanism to gain access to pooled liquidity. This structural vulnerability became glaringly apparent in April 2026, a month most notorious as crypto’s most hacked, with 30 separate incidents, a pace of nearly one attack per day. Good heavens!
Two of the most audacious attacks occurred in swift succession that month. KelpDAO’s Layerzero V2 rsETH route was compromised for approximately £300 million on April 18, with a scoundrel extracting 116,500 rsETH from Ethereum’s OFT adapter sans burning tokens on the source chain. A review by Chainalysis revealed that Layerzero had set a low 1-1 RPC quorum default, meaning a single poisoned node could authorize fraudulent cross-chain messages. KelpDAO, in a fit of pique, migrated to Chainlink’s Cross-Chain Token standard, publicly castigating Layerzero for this infrastructural failure.
Days later, Drift Protocol endured a £200 million-plus exploit on its Solana-based infrastructure. A CertiK analyst remarked that these incidents reflected a high-stakes shift in cross-chain cybercrime strategy, with miscreants growing ever more cunning in their identification and exploitation of bridge verification weaknesses.
A Slow Death by a Thousand Cuts
Smaller incidents have trickled in the months before and since, with IoTeX’s bridge suffering a loss of approximately £2 million in February through a private key exploit. Subsequently, TAC Protocol lost £2.8 million in early May in what was later deemed a white hat incident after the hacker claimed a 10% bounty. How very sporting of them!
Transit Finance, a cross-chain aggregation protocol, was drained of £1.88 million on May 13, and most recently, the Verus-Ethereum bridge lost approximately £11.5 million, with the attacker’s wallet traced to a Tornado Cash seed. Tsk, tsk!
Peckshield’s data had already shown total hack losses reaching £112.5 million in the first two months of 2026 alone, before April’s surge pushed cumulative losses beyond £750 million by mid-April. With May’s incidents adding to this lamentable figure, 2026 is poised to surpass all previous records for DeFi losses. Whatever shall we do?
Read More
- APT PREDICTION. APT cryptocurrency
- Nvidia Stock Price: Bull Flag Pattern Signals May 2026 Rally?
- BNB PREDICTION. BNB cryptocurrency
- WLFI PREDICTION. WLFI cryptocurrency
- ICP PREDICTION. ICP cryptocurrency
- DASH PREDICTION. DASH cryptocurrency
- USD RUB PREDICTION
- EUR INR PREDICTION
- HYPE PREDICTION. HYPE cryptocurrency
- SOL PREDICTION. SOL cryptocurrency
2026-05-18 12:28