Crypto Hacks Surge 96% in March as Resolv Exploit and Physical Attacks Drive $52M Losses
The cryptocurrency industry endured a brutal March, with malicious actors extracting more than $52 million across 20 separate incidents. Blockchain security firm PeckShield reported a 96% month-over-month increase compared to February’s $26.5 million haul, marking the sharpest escalation in crypto crime since late 2025 .
#PeckShieldAlert In March 2026, the crypto space saw 20 major hacks totaling $52M – a 96% MoM surge from February ($26.5M). But the real damage lies in the “Shadow Contagion”.#Tophacks:
— PeckShieldAlert (@PeckShieldAlert) April 1, 2026
– @ResolvLabs ($USR) De-peg: An AWS KMS breach enabled an 80M USR “infinite mint” (~$25M… pic.twitter.com/huohE79th6
📌 Twitter Embed Description: PeckShieldAlert reports March 2026 crypto hacks totaled $52M across 20 incidents, a 96% increase from February, with Resolv Labs’ AWS KMS breach causing the most significant damage.
The month’s most devastating breach targeted Resolv Labs, where attackers infiltrated the platform’s cloud infrastructure and compromised its AWS Key Management Service. The breach allowed the unauthorized minting of 80 million unbacked USR tokens—a classic infinite mint exploit that sent the stablecoin into a death spiral. Chainalysis estimated that the attackers walked away with approximately $25 million in ETH .
The fallout from the Resolv incident rippled across the DeFi landscape. As USR’s value collapsed, lending protocols including Fluid, Morpho Blue, and Euler Finance accumulated significant bad debt. The cascade illustrated a troubling reality: a single protocol’s failure can trigger a domino effect across interconnected platforms, amplifying losses far beyond the initial exploit .
March also witnessed a resurgence of attacks that bypassed code vulnerabilities entirely. Pseudonymous trader Sillytuna lost $24 million after being subjected to a violent home invasion involving weapons and kidnapping threats. In a separate case, a Kraken user fell victim to an elaborate social engineering scheme, resulting in $18 million in stolen assets. The month closed with Venus Protocol absorbing $2.15 million in bad debt from a sophisticated on-chain/off-chain attack .
PeckShield described the broader impact as “Shadow Contagion”—the hidden vulnerabilities that turn isolated breaches into systemic crises. When one domino falls, the chain reaction can sweep through lending markets, liquidity pools, and derivative platforms, multiplying losses in ways that are difficult to track or contain .
With Q1 2026 closing at over $164 million in total crypto losses, the industry faces a shifting threat landscape. Traditional smart contract exploits remain a concern, but the rise of physical intimidation and targeted social engineering represents a troubling evolution. Attackers are increasingly willing to bypass code entirely, going after the human element—whether through cloud infrastructure or direct threats against individuals .
For high-net-worth crypto holders, the message is clear: cybersecurity alone is no longer sufficient. Operational security must now extend to physical protection, digital identity hygiene, and infrastructure-level safeguards. As the industry matures, so too must its approach to security—acknowledging that the weakest link is often not the code, but the people and systems surrounding it .
