Crypto Hacks Concentrate Losses as Hacked Tokens Fall 61%—Immunefi Report

A new Immunefi security report says the number of crypto hacks remains steady, but losses are becoming more concentrated in a few major exploits. It analyzed 425 publicly known incidents (2021–2025) and estimates that the average hack steals about $25 million. In 2024–2025, 191 hacks caused $4.67 billion in losses, and just five incidents accounted for 62% of the total. Centralized exchange breaches were fewer in number but drove most of the value lost: 20 exchange hacks contributed about $2.55 billion (~55%).

Hacked tokens face harsher market punishment. Among 82 hacked tokens, the median price drop was 61% within six months, and 83.9% stayed below their hack-day price over that period. Immunefi CEO Mitchell Amador said markets are “less forgiving” because breaches now signal deeper problems in engineering, governance and operational resilience.

The report also highlights cascading risk in interconnected DeFi. One cited case: Elixir’s deUSD stablecoin collapsed in Nov 2025 after it had placed ~65% of deUSD collateral with Stream Finance. Stream disclosed a $93 million loss; as Stream’s xUSD fell 77%, deUSD backing deteriorated, redemptions halted, panic selling hit Curve pools, and deUSD dropped more than 97%.

Separately, recent crypto hacks include a Google-reported iPhone seed-phrase exploit kit (Coruna), a Solv Protocol vault theft (~$2.7m), a Bonk.fun domain hijack with wallet-draining activity, and Gondi disabling a faulty NFT lending contract after an exploit stole ~$230k. Crypto hacks can therefore mean not only immediate theft, but also prolonged downtime, liquidity shocks, and lasting damage to confidence.
Bearish
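Immunefi's statistics point to two trends that are unfavorable for trading. First, losses from crypto hacks are becoming "concentrated" (a few large incidents account for most of the losses), which means the market may see sharper risk repricing at a small number of points in time. Second, the typical drawdown for affected hacked tokens is deep and the probability of recovery is low (median -61%, with most still below their hack-day price within 6 months). This raises the security premium that capital demands, which suppresses sentiment toward high-risk assets.

In the short term, the report reinforces the market's pricing logic that "a security incident = a lasting valuation discount", especially for risks involving exchanges and interconnected DeFi, which may lead to faster capital outflows and higher volatility in the related sectors. Given the recent incidents cited in the article (such as the iPhone seed-phrase theft kit, the DeFi vault theft, and the domain hijack), traders tend to tighten risk controls at the on-chain, contract, and domain levels, and lean toward reducing exposure or rotating into assets with a stronger security reputation.

In the long term, if the market continues to treat breaches as a signal of "systemic problems" in engineering and governance, then valuation recovery may lag even when compensation or fixes follow an incident. Similar to the "decline, then slow recovery" path seen after major exploits in the past, this is often accompanied by shrinking liquidity and impaired development and operational capacity, which weighs on the sustainability of a bull market. The overall outlook is therefore bearish.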