TL;DR:
- PeckShield reported that losses from hacks and exploits in cryptocurrencies reached $52 million in March, spread across 20 incidents.
- The attack on Resolv Labs was the most significant of the month: over $25 million in USR stablecoins were lost and it generated systemic debt across DeFi protocols.
- March losses grew 96% compared to the $26.5 million recorded in February of the same year.
PeckShield, an onchain security firm, published its monthly report confirming that hacks and exploits in the crypto ecosystem generated $52 million in losses during March, spread across 20 incidents of variable but considerable magnitude. That figure represents a 96% increase compared to the $26.5 million recorded in February.
The most severe episode recorded was that of Resolv Labs, whose USR stablecoin issuance contract was exploited by an attacker who took advantage of a flaw in the minting mechanism to create approximately 80 million unbacked stablecoins, draining more than $25 million from the protocol. Resolv issued a 72-hour ultimatum demanding the return of 90% of the funds, but the assets were never restored.
#PeckShieldAlert In March 2026, the crypto space saw 20 major hacks totaling $52M – a 96% MoM surge from February ($26.5M). But the real damage lies in the "Shadow Contagion".#Tophacks:
– @ResolvLabs ($USR) De-peg: An AWS KMS breach enabled an 80M USR "infinite mint" (~$25M… pic.twitter.com/huohE79th6— PeckShieldAlert (@PeckShieldAlert) April 1, 2026
PeckShield: The Silent Debt Left Behind by Every Exploit
PeckShield warned that the real damage from this type of attack involves far more than an immediate monetary loss. The firm called this phenomenon “shadow contagion“: the 80% collapse in USR’s value generated systemic debt across the Morpho Blue, Euler and Fluid protocols, all of them connected to Resolv’s platform. This secondary effect amplifies the impact of exploits and damages the structural interdependence of the DeFi ecosystem.
PeckShield also recorded an incident of a different nature. The X user identified as Sillytuna reported the theft of approximately $24 million in Aave Ethereum USDC, carried out through a physical attack involving weapons, kidnapping and threats of sexual assault. The attacker dispersed the funds across Bitcoin, Monero and various layer-2 networks to hinder tracing. This type of attack falls within a series of violent robberies targeting public figures in the crypto industry with the aim of accessing their digital holdings.
Last week, the Balancer protocol announced the closure of Balancer Labs, citing the aftermath of the $128 million exploit it suffered in November 2025, a sign that the consequences of these attacks can ultimately drive entire projects into complete collapse.
