What is a hack? The real security threat in the cryptocurrency world 2025

The cryptocurrency industry experienced a year of superlatives in 2025 – but not in the expected way. While data losses due to hacks and fraud increased to record levels, a surprising reality was revealed: On-chain security actually became stronger, not weaker. But what exactly is a hack in this new context? The answer could fundamentally change how we understand crypto security.

The Quiet Distinction: Code Exploits versus Human Hacks

The paradox is tangible: 2025 is considered the worst year for hacks in the history of the blockchain industry, yet most of these “hacks” were not traditional technical exploits. They were something else – something much harder to defend against.

Mitchell Amador, CEO of the on-chain security platform Immunefi, sums it up in an interview with CoinDesk: “Although 2025 is the worst year for hacks since record-keeping began, these hacks did not stem from faulty smart contracts or protocol-related weaknesses. They arise from Web2-like operational errors – stolen passwords, compromised devices, manipulated employees."

This distinction is crucial. While technicians continue to improve blockchains and DeFi protocols, where does the real threat shift to? Directly onto the people behind them.

Fraud Cases Now Outnumber Traditional Hacks

Chainalysis data paints a clear picture: in 2025, approximately $17 billion in cryptocurrencies disappeared through fraud schemes and social engineering tactics – not through technical exploits. That’s more than double the amount of previous years.

Notably, there was an explosion in identity theft scams, which increased by 1,400 percent year-over-year. AI-supported fraud schemes proved to be 450 percent more profitable than traditional methods. A recent example: ZachXBT uncovered a social engineering attack where a hacker, via manipulated identity, stole $282 million in Bitcoin and Litecoin. The loot included 2.05 million LTC (currently about $119.6 million at $58.38 per coin) and 1,459 BTC, before everything was quickly converted into the privacy coin Monero.

So what is a hack in 2025? Increasingly: a human vulnerability, not a technical one.

The Human Factor as a New Attack Surface

Amador states provocatively: “As the code becomes less attackable, the main attack point in 2026 will be the people. The human factor is now the weak link."

The statistics support this warning. Over 90 percent of crypto projects still exhibit critical, exploitable vulnerabilities – yet even where defense tools exist, they are rarely used. Less than 1 percent of the industry uses firewalls, and less than 10 percent employ AI-based detection tools.

This does not mean that technical security has become unimportant. It rather means that the simplest attack paths do not go through code but through psychological manipulation – fake support staff, phishing emails with AI-generated messages, or targeted manipulation of employees at crypto projects.

AI: A Double Threat to Security and Defense

The next turning point, according to Amador, will be defined by artificial intelligence. “In 2026, AI will change the pace of security on both sides,” he explains. “Defenders will increasingly rely on AI-driven monitoring and response, working at machine speed, while attackers will use the same tools for vulnerability research, exploit development, and social engineering on a large scale."

Even more concerning is an emerging threat: securing on-chain AI agents. “Onchain AI agents can be faster and more powerful than human operators,” warns Amador. “But they are especially vulnerable to manipulation if their access pathways or control levels are compromised. This opens up a completely new attack surface that we have yet to understand how to secure.”

Outlook 2026: Where the Real Security Battle Takes Place

Despite the bleak year 2025, Amador looks to 2026 with surprising optimism – at least technically. “From the perspective of DeFi and on-chain protocol code, I believe 2026 will be the best year for on-chain security so far.” The reason: the industry will simply get better at securing code.

However, this technical improvement is overshadowed by a concerning countertrend. The security battle shifts from blockchains to user interfaces, corporate policies, monitoring systems, and education. The true vulnerability no longer lies in the protocols – it lies in the people who use these systems.

So what is a real hack in the modern crypto sector? The answer is uncomfortable: It is often not technical at all.