TL;DR:
- PeckShield reported that losses from hacks and exploits in cryptocurrencies reached $52 million in March, spread across 20 incidents.
- The attack on Resolv Labs was the most significant of the month: over $25 million in USR stablecoins were lost and it generated systemic debt across DeFi protocols.
- March losses grew 96% compared to the $26.5 million recorded in February of the same year.
PeckShield, an onchainĀ securityĀ firm, published its monthly report confirming thatĀ hacks and exploits in the crypto ecosystem generated $52 million in losses during March, spread acrossĀ 20 incidentsĀ of variable but considerable magnitude. That figure represents a 96% increase compared to the $26.5 million recorded in February.
The most severe episode recorded was that ofĀ Resolv Labs, whose USR stablecoin issuance contract was exploited by an attacker who took advantage of a flaw in the minting mechanism to create approximatelyĀ 80 million unbacked stablecoins, draining more thanĀ $25 millionĀ from the protocol. Resolv issued a 72-hour ultimatum demanding the return of 90% of the funds, but the assets were never restored.
#PeckShieldAlert In March 2026, the crypto space saw 20 major hacks totaling $52M – a 96% MoM surge from February ($26.5M). But the real damage lies in the "Shadow Contagion".#Tophacks:
– @ResolvLabs ($USR) De-peg: An AWS KMS breach enabled an 80M USR "infinite mint" (~$25Mā¦ pic.twitter.com/huohE79th6— PeckShieldAlert (@PeckShieldAlert) April 1, 2026
PeckShield: The Silent Debt Left Behind by Every Exploit
PeckShield warned that the real damage from this type of attack involves far more than an immediate monetary loss. The firm called this phenomenon “shadow contagion“: the 80% collapse in USR’s valueĀ generated systemic debtĀ across theĀ Morpho Blue, Euler and Fluid protocols, all of them connected to Resolv’s platform. This secondary effect amplifies the impact of exploits andĀ damages the structural interdependence of the DeFi ecosystem.
PeckShield also recorded an incident of a different nature. The X user identified asĀ SillytunaĀ reported the theft of approximately $24 million in Aave Ethereum USDC, carried out through aĀ physical attack involving weapons, kidnapping and threats of sexual assault. The attacker dispersed the funds acrossĀ Bitcoin, MoneroĀ and various layer-2 networks to hinder tracing. This type of attack falls within a series ofĀ violent robberies targeting public figures in the crypto industryĀ with the aim of accessing their digital holdings.
Last week, theĀ BalancerĀ protocol announced the closureĀ of Balancer Labs, citing the aftermath of the $128 million exploitĀ it suffered in November 2025, a sign that the consequences of these attacks can ultimately drive entire projects into complete collapse.
