Cryptocurrency hacking attacks hit new highs: losses stem from "people" rather than code

BearMarketMonk · 2026-01-21T18:21:52+00:00

In 2025, the cryptocurrency sector suffered losses of up to $17 billion due to scams and frauds, with hacking techniques continuously evolving and traditional vulnerabilities being replaced by human errors. Despite improvements in on-chain code security, over 90% of projects still have vulnerabilities, and the adoption rate of protective tools remains low. In 2026, the industry will face dual challenges of AI offense and defense.

BearMarketMonk

2026-01-21 18:21:52

Abstract generation in progress

According to CoinDesk reports and industry data analysis, 2025 has become the year with the most severe losses caused by hacker attacks in the recorded history of the cryptocurrency field. But behind this “harvest year,” there is an unexpected truth: the greatest threat is no longer code vulnerabilities in smart contracts, but human operational errors.

Scams and Fraud Become the New Main Characters in Hacker Attacks

Based on the annual report released by on-chain data analysis company Chainalysis, the cryptocurrency losses due to scams and fraud in 2025 reached approximately $17 billion. More alarmingly, behind this figure lies a rapid evolution in attack methods: impersonation scams increased by up to 1400% year-over-year, becoming the most efficient means of hacker attacks.

Compared to traditional code attacks, these scam-centric hacker attacks are lower in cost and higher in profit—AI-driven fraud methods yield 450% higher profits than traditional social engineering. Old tricks from the Web2 era, such as password leaks, phishing emails, and false identity verification, have become the main sources of losses in the crypto space.

On-Chain Code Security Is Improving, but Human Awareness Is Worrying

Mitchell Amador, CEO of Immunefi, pointed out the deep reason behind this phenomenon: on-chain code security is significantly improving, which means the focus of hacker attacks has shifted from exploiting smart contract vulnerabilities to the most vulnerable link—humans.

However, the reality is concerning. Amador warns that over 90% of projects still have critical exploitable vulnerabilities, and even more worrying is the extremely low adoption rate of protective tools—less than 1% of industry participants use firewall tools, and fewer than 10% adopt AI detection defense solutions. This means that even as technological security advances, most projects and users remain exposed to high risks.

The Double Dilemma of the AI Era: A New Arms Race in Security and Hacker Attacks

Amador believes that 2026 will be the best year for on-chain code security, but this good news comes with bad news: hacker attackers are also upgrading. AI will simultaneously change the pace of offense and defense, and the rise of on-chain AI agents will bring a whole new attack surface.

How these autonomous AI systems defend themselves will become the main challenge in the next cycle of security defense. In this invisible battlefield, defenders need to not only improve code security but also enhance their ability to prevent human threats and AI-assisted scams. The crypto security battlefield in 2026 has evolved from a simple technical confrontation to a three-dimensional competition involving technology, personnel, and AI.

View Original

This page may contain third-party content, which is provided for information purposes only (not representations/warranties) and should not be considered as an endorsement of its views by Gate, nor as financial or professional advice. See Disclaimer for details.