In a troubling trend for the cryptocurrency industry, a new report from Immunefi highlights the escalating financial and market impacts of crypto hacks. Analyzing 425 publicly known incidents between 2021 and 2025, the report reveals that the average hack now results in a staggering $25 million in stolen funds, with 2024 and 2025 alone seeing 191 hacks leading to $4.67 billion in losses.
Hacks Concentrate in Centralized Exchanges
Despite representing fewer incidents, centralized exchange breaches have driven the majority of losses. Twenty exchange hacks accounted for approximately $2.55 billion, or about 55% of the total, underscoring the vulnerability of large pools of user funds concentrated behind fewer points of failure.
Market Reactions Intensify
Token markets are reacting more harshly to breaches, with the median price of 82 hacked tokens falling 61% within six months. An alarming 83.9% of these tokens remain below their hack-day price over the same period. Mitchell Amador, CEO of Immunefi, attributes this trend to changing market expectations: “The market has become less forgiving because expectations have changed. Breaches are now seen as signals of deeper issues in engineering, governance, and operational resilience.”
Long-Term Consequences Extend Beyond Financial Loss
The long-term impact of exploits often extends well beyond the initial loss. Amador elaborates, “The stolen funds are only the first layer of damage. What follows is often more destructive: sustained token price suppression, reduced treasury capacity, leadership disruption, lost development time, and erosion of user trust.” The interconnected nature of DeFi systems can amplify the fallout, with failures cascading across lending, collateral, and liquidity networks.
Case Study: Elixir’s deUSD Stablecoin Collapse
One stark example is the collapse of Elixir’s deUSD stablecoin in November 2025. Elixir had parked roughly 65% of deUSD’s collateral with Stream Finance, which disclosed a $93 million loss from an external fund manager. As Stream’s stablecoin xUSD fell 77%, deUSD’s backing deteriorated, redemptions halted, and panic selling hit Curve pools, ultimately pushing deUSD down more than 97%.
Recent Exploits Highlight Ongoing Risks
While crypto-related hack losses fell to $26.5 million in February, the lowest monthly total in nearly a year, several security incidents have already surfaced in March. Researchers at Google reported a new exploit kit targeting Apple iPhone users designed to steal cryptocurrency wallet seed phrases. The toolkit, known as Coruna, contains multiple exploit chains capable of targeting devices running various versions of Apple’s iOS and has been linked to phishing websites posing as crypto platforms.
Industry Responses and Forward-Looking Insights
The Bitcoin-based DeFi platform Solv Protocol reported that one of its token vaults was exploited for roughly $2.7 million, affecting fewer than 10 users. The project said it would cover the losses and offered the attacker a 10% bounty in exchange for returning the funds. Meanwhile, the domain of Bonk.fun was hijacked after attackers gained access to a team account and deployed a wallet-draining scheme through the site. The project warned users not to interact with the platform while the team worked to regain control of the domain.
Conclusion: A Call for Enhanced Security
As the cryptocurrency industry continues to mature, the frequency and impact of hacks remain a significant concern. The market’s increasingly harsh reactions to breaches highlight the need for enhanced security measures, improved governance, and robust operational resilience. Only through these efforts can the industry regain user trust and mitigate the long-term consequences of such incidents.
About the Author
