Crypto hack and exploit losses reached $52 million in March 2026, nearly doubling from the month before, as a single stablecoin exploit sent shockwaves across multiple DeFi protocols and pushed market sentiment to extreme fear.
PeckShield’s March tally shows crypto hack losses surging again
Blockchain security firm PeckShieldAlert reported that March 2026 saw 20 major crypto hacks totaling $52 million. The figure marked a 96% month-over-month increase from February’s $26.5 million.
The monthly roundup was published as an X post rather than a standalone long-form report, a format PeckShield has used for prior monthly tallies.
PeckShield’s tally mixes DeFi smart contract exploits with physical and social-engineering losses. According to unconfirmed reports in the same roundup, individual incidents included a $24 million loss attributed to Sillytuna and an $18 million Kraken whale social-engineering theft, though neither has been independently corroborated.
#PeckShieldAlert In March 2026, the crypto space saw 20 major hacks totaling $52M – a 96% MoM surge from February ($26.5M). But the real damage lies in the "Shadow Contagion".#Tophacks:
– @ResolvLabs ($USR) De-peg: An AWS KMS breach enabled an 80M USR "infinite mint" (~$25M… pic.twitter.com/huohE79th6— PeckShieldAlert (@PeckShieldAlert) April 1, 2026
Source: @PeckShieldAlert on X
The Resolv exploit explains why March’s damage felt bigger than the raw total
The clearest confirmed major incident in March was the Resolv protocol exploit. CertiK’s incident analysis found that Resolv was exploited on March 22, 2026 for approximately $26.8 million after a compromise of the project’s AWS Key Management Service gave an attacker access to its SERVICE_ROLE signing authority.
The attacker used that access to mint 80 million USR across two transactions. The over-minting crashed USR from $1 to $0.03, effectively destroying the stablecoin’s peg. It is important to distinguish between the 80 million USR minted and the roughly $26.8 million in realized losses, as secondary coverage has conflated the two figures.
Resolv’s official site stated the team was investigating unauthorized minting of USR while maintaining that the collateral pool remained fully intact with no underlying assets lost. That distinction matters: the protocol’s reserves were not drained, but the token’s market value collapsed anyway.
The downstream damage dwarfed the direct theft. Cointelegraph reported that the Resolv incident triggered roughly $180 million in liquidations on Morpho and about $334 million in outflows from Fluid, citing Cyvers analyst Michael Pearl. Those secondary effects turned a mid-sized exploit into a stress event for multiple lending and liquidity protocols.
The incident echoed dynamics seen in previous stablecoin failures. Much like the concerns that followed regulatory moves to classify crypto assets, the Resolv collapse revived post-Terra anxieties about how quickly a single depeg can propagate through interconnected DeFi systems.
Why ‘shadow contagion’ matters more than the headline number
PeckShield framed the wider impact of March’s incidents as “Shadow Contagion,” describing a pattern where one exploit creates bad debt and liquidity stress across connected DeFi venues. The Resolv case illustrated this precisely: a $26.8 million exploit generated more than $500 million in combined liquidations and outflows across Morpho, Fluid, and Euler.
Michael Pearl of Cyvers captured the industry mood: “We hear many stablecoin platforms that are petrified after this exploit.” The fear extended beyond the directly affected protocols to any platform holding or lending against algorithmic or collateral-backed stablecoins.
The broader crypto market reflected that anxiety. The Fear and Greed Index read 8 on April 1, 2026, classified as Extreme Fear. While the index captures sentiment across all of crypto, not just DeFi security events, the reading aligned with a market rattled by both the March hack tally and the contagion effects that followed.
The security landscape also arrives at a time when the industry is navigating other structural shifts. Developments like Ripple’s stablecoin cross-border payment partnerships and proposed Bitcoin-backed bond issuances underscore how much institutional credibility depends on the ecosystem’s ability to contain exploits before they cascade.
March’s lesson was not the $52 million headline. It was how a single compromised signing key could crash a stablecoin, trigger hundreds of millions in forced liquidations, and leave an entire market segment questioning the security assumptions underpinning DeFi lending.
Disclaimer: This article is for informational purposes only and does not constitute financial or investment advice. Cryptocurrency and digital asset markets carry significant risk. Always do your own research before making decisions.
