March 2026 was relatively quiet for DeFi hacks. In total, three hacks included losses in excess of $1 million, amounting to over $27 million in total losses.
In contrast, February 2026 had four hacks with price tags of over $1 million. However, that month’s total of $23.5 million was lower than that of March 2026.
Biggest DeFi Hacks of March 2026
Three DeFi hacks in March 2026 included losses that exceeded $1 million, including:
Solv Protocol: The Solv Protocol lost approximately $2.7 million due to a double-minting error when handling ERC-3525 deposits. Since these tokens are based on the ERC-721 token standard, deposits of these tokens created a self-reentrancy vulnerability, where the ERC-721 receiver callback function triggered a second mint operation after the initial ERC-3525 mint.
Venus Protocol: The Venus Protocol was stuck with over $2 million in bad debt due to a price manipulation attack targeting the Thena (THE) token market. The attacker built up a substantial position over several months before directly transferring tokens to the smart contract, bypassing its deposit mechanisms and manipulating the exchange rates.
- Resolv: Resolv Labs suffered an estimated $23 million in losses due to a compromised private key. The key belonged to an off-chain service responsible for determining the amount of tokens to mint in response to a deposit. Since the smart contract lacked any guardrails verifying the approved amount, the attacker was able to mint 80 million USR stablecoins in return for a deposit of $100,000-$200,000 in USDC.
Lessons Learned from the Attacks
The three major hacks of March 2026 had different root causes, including smart contract vulnerabilities and compromised private keys. However, one common thread is that these issues could have been prevented by a comprehensive security audit.
The Solv Protocol attacker exploited a lack of understanding of the relationship between ERC-3525 and ERC-721 tokens and what would happen if an ERC-3525 token was deposited into the contract. The Venus Protocol hack targeted a vulnerability that the protocol knew about but previously labeled a supported behavior with no negative side effects. Resolv had undergone eighteen past security audits, but they were limited to on-chain code and ignored critical off-chain infrastructure.
Comprehensive security audits are vital to security and should cover all elements of a project’s infrastructure. For help with protecting your project against these types of attacks, get in touch.