In 2025, the cryptocurrency ecosystem experienced the heaviest security hits on record. But the true story behind this crisis is far more thought-provoking than the numbers themselves — the focus of hacker attacks has quietly shifted from technical code to human vulnerabilities. Immunefi CEO Mitchell Amador pointed out that defenses on the blockchain are being significantly strengthened, and the key issue has shifted to how to protect the “human” line of defense.
Code Fortresses Reinforced, Humans Become the Biggest Gap
Ironically, despite the unprecedented scale of losses caused by hacking, most of the damage did not stem from technical vulnerabilities in smart contracts. Password leaks, social engineering scams, fake identities — these seemingly “low-level” tactics have become the most effective intrusion methods. The security of on-chain code is continuously improving, and the main threat has completely shifted to human operational errors.
What does this mean? It means the old tactic of “hacking into smart contracts to steal tokens” is becoming increasingly ineffective. Attackers are forced to abandon pure technical breakthroughs and instead exploit human trust.
Impersonation Scams Surge 1,400%, AI-Driven Scams Profit 4+ Times Higher
Data from Chainalysis’s annual report shows how severe the problem has become. In 2025, losses from scams and deception reached $17 billion. Among these, impersonation scams increased by an astonishing 1,400%, which is not just simple growth but a sign of rapid evolution in attack methods.
Even more alarming is the involvement of AI. Data shows that AI-driven scams generate profits over 450% higher than traditional deception methods. This means attackers are using AI to optimize scripts, precisely target victims, and improve success rates. Low cost, high returns, and difficult to trace — AI scams are becoming the new mainstream attack weapon.
Defensive Measures Hit Rock Bottom, 90% of Projects Have Exploitable Vulnerabilities
Worse still is the current state of the industry. Although on-chain security is improving, awareness and adoption of protective tools have hit new lows. Mitchell Amador warned that over 90% of projects still have critical exploitable vulnerabilities that should have been fixed promptly. But when it comes to adopting protective tools, the situation is even more troubling:
Less than 1% of industry participants have deployed firewalls
Fewer than 10% use AI detection tools
What does this mean? Even with protective measures available, most project teams and users turn a blind eye. Despite ample funding and tools, the industry still chooses the most vulnerable defensive posture.
The Double-Edged Sword of 2026: New Threats from On-Chain AI Agents
Looking ahead to 2026, the situation will become even more complex. Amador stated that on-chain code security will have its “best year” — but this good news comes at a cost, as attackers are already sharpening their blades. As code becomes harder to exploit, they will turn to more sophisticated social engineering and AI-assisted scams.
The rise of on-chain AI agents introduces a whole new attack surface. These autonomous decision-making systems hold their own funds and permissions, and if controlled or deceived by attackers, the consequences could be more severe than traditional hacking. How to ensure these automated systems operate securely without becoming puppets in the hands of attackers will be the most critical security challenge of 2026.
In short, the next cycle of hacking will no longer be a contest of “attack and defense code,” but a psychological battle between people, and between people and AI.
Record-breaking losses from hacking attacks in the crypto space, defenses are quietly shifting