Cryptocurrency Hacking Attacks Hit Record Highs, The Problem Isn't the Code—It's the People

MainnetDelayedAgain · 2026-03-16T11:06:53+00:00

In 2025, the cryptocurrency sector experienced major hacker attacks, with losses primarily stemming from password breaches and social engineering rather than code vulnerabilities. Despite improvements in on-chain security, over 90% of projects still contain vulnerabilities. Looking ahead, security risks from AI agents will become a new challenge, requiring the industry to strengthen defenses.

MainnetDelayedAgain

2026-03-16 11:06:53

Abstract generation in progress

In 2025, the cryptocurrency industry experienced its worst hacking losses in history. Surprisingly, most of these losses did not stem from smart contract vulnerabilities but rather from traditional Web2-style human errors such as password leaks and social engineering scams. According to Immunefi CEO Mitchell Amador, the real problem has shifted from code to the “human” weakest link.

Human Error Becomes the Main Breach Point for Hackers

Data shows that approximately $17 billion in crypto was lost in 2025 due to scams and fraud, with the root cause not being technical flaws. Impersonation scams surged by 1,400% year-over-year, relying entirely on social engineering techniques rather than code exploits. Even more concerning, AI-driven scams are 450% more profitable than traditional methods, indicating that attackers are leveraging new technologies to increase deception efficiency.

Amador pointed out that on-chain security protections are improving significantly, making code vulnerabilities harder for hackers to exploit. As a result, attackers have shifted toward more covert methods—targeting social engineering and AI-assisted scams. This shift reflects the maturity of on-chain security systems and suggests that the next battlefield for hacking will be in human cognition and judgment.

On-Chain Defense Strengthens, but Industry Defenses Remain Fragile

Although on-chain code security has improved markedly, Chainalysis’s annual report reveals another worrying fact: over 90% of projects still have critical vulnerabilities that can be exploited, and adoption of protective tools remains very low. Less than 1% of industry participants have deployed firewalls, and fewer than 10% use AI detection tools. This significant security gap leaves even basic defenses vulnerable to attack.

Challenges Escalate in 2026, AI Agents Become New Attack Vectors

Amador also warned that AI will reshape the competitive landscape for both attackers and defenders this year. With the rise and proliferation of on-chain AI agents, the security risks faced by these autonomous decision-making systems will increase. How to effectively protect these automated systems from hacking and malicious exploitation has become a new challenge the industry must face. It is foreseeable that hacking methods will become more complex and covert, and upgrading defenses will be an ongoing and formidable task.

View Original

This page may contain third-party content, which is provided for information purposes only (not representations/warranties) and should not be considered as an endorsement of its views by Gate, nor as financial or professional advice. See Disclaimer for details.