Why Crypto Hacks in 2025 Are Not About Code, But About People

The year 2025 marks the worst record in digital asset hacking history, but the story is not what many observers expected. Although financial losses reached an all-time high, the primary cause was not blockchain protocol vulnerabilities or smart contract exploits. Instead, the greatest threat comes from human operational errors—credential theft, psychological manipulation, and well-organized crime.

Data from Chainalysis 2026 shows a clear phenomenon: the crypto industry is undergoing a fundamental shift in the threat landscape. While on-chain infrastructure becomes increasingly difficult to attack, hackers and scammers are adapting by targeting human weak points.

Lost Assets Surge, But the Sources of Problems Differ

Approximately $17 billion in crypto assets disappeared due to scams and fraud in 2025. This staggering figure reflects not only the scale of criminal operations but also their evolving tactics. In the past, hackers focused on blockchain code bugs. Now, they target predictable and manipulable human decisions.

Mitchell Amador, CEO of on-chain security platform Immunefi, provides an important perspective in an interview with CoinDesk: “Although 2025 is recorded as the year with the most hacks in history, most of the losses stem from Web2-style operational failures, not on-chain code exploits.”

This distinction is crucial. Stolen passwords, compromised devices, manipulated employees, fake customer support—all are attack types well known in the traditional world for decades. But in the crypto ecosystem, the impact is far more severe because assets can be transferred instantly and are non-recoverable.

Identity Fraud Explodes, Surpassing Conventional Attacks

The changing hacking patterns are reflected in startling statistics. Identity impersonation scams show a 1,400% annual growth, according to Chainalysis reports. This is not just growth—it’s a fundamental transformation in how criminals operate.

AI-powered scams add an extra layer of complexity. Schemes supported by artificial intelligence are found to be 450% more profitable than traditional scams, enabling scammers to scale operations with terrifying precision. They can create more convincing fake content, impersonate trusted authorities, and target more victims with less effort.

One recent case revealed the scale of this social engineering attack. ZachXBT uncovered an incident where a hacker stole assets worth $282 million through pure social engineering. The victims lost 2.05 million LTC and 1,459 BTC—a significant loss in a single operation. The stolen funds were immediately converted into Monero and hidden through various instant exchange channels.

On-Chain Security Actually Improves, But Humans Remain Vulnerable

An interesting paradox emerges when analyzing the actual quality of blockchain infrastructure. On-chain security has dramatically improved technically. DeFi and on-chain protocols are becoming more resistant to pure code exploits. Smart contracts are increasingly audited, more security tools are available, and best practices are more widely adopted.

However, this is not news that should make investors feel relieved. Amador explains: “On-chain security has increased dramatically and will continue to do so. From the perspective of DeFi and on-chain protocol code, I believe 2026 will be the best year for on-chain security.”

As technology becomes safer, hackers do what they always do when one avenue is closed: they look for alternative routes. The main attack surface shifts from code to the most unpredictable element in the crypto system—humans.

“With code becoming less exploitable, the main attack surface in 2026 will be humans,” says Amador. “The human factor is now the weak point that on-chain security experts and Web3 actors must prioritize.”

Massive Vulnerabilities Remain Hidden

However, Amador issues a warning that should not be ignored: over 90% of projects still have critical vulnerabilities that can be exploited. This means that although code-based hacks are becoming less frequent, the potential for massive losses from bugs remains real.

Even more concerning is the lag in adopting defensive tools. Less than 1% of the industry uses advanced firewalls. Less than 10% deploy AI-based detection tools. This shows a large gap between the availability of technology and its practical implementation in the field.

A New Battle with On-Chain AI Agents

The security challenges of 2026 introduce a new dimension never seen before. AI not only changes how criminals attack—they also change their targets. Crypto systems are increasingly automating decisions through autonomous on-chain agents.

“In 2026, AI will change the pace of security on both sides,” says Amador. “Defenders will rely more on AI-driven monitoring and response operating at machine speed, while attackers will use the same tools for vulnerability research, exploit development, and massive social engineering.”

But Amador’s most critical warning goes beyond smart contracts or traditional wallets. It’s about what happens when crypto systems start making decisions themselves: “On-chain AI agents can operate faster and more powerfully than human operators, and they have unique vulnerabilities to manipulation if access pathways or control layers are compromised. We are still in the early stages of learning how to properly secure these agents, and that will be one of the main security challenges in the next cycle.”

The Future of Crypto Security Lies Outside Blockchain

The combination of Chainalysis data and Amador’s insights reveals a clear future picture: the crypto security battle will increasingly be fought not along the blockchain itself, but through user interfaces, corporate controls, monitoring systems, and user education.

Investments in blockchain technology are becoming more mature. However, investments in operational security, employee training, and fraud prevention still lag far behind. This is a balance that needs correction if the industry wants to reduce the rising losses in the coming years. Future hacks will not be stopped by better code audits—they will be thwarted by higher awareness and stronger human defenses.