Cryptocurrency’s security story is changing, and not in the way most investors expect or would like to, as while crypto losses are on the rise, so too is onchain security.
Even as 2025 went down as the worst year for hacks on record, the biggest failures weren’t born onchain; instead, they were operational. Passwords, keys, compromised devices, manipulated employees, fake support agents. Human error, not broken code.
“Despite 2025 being the worst year for hacks on record, those hacks stem from Web2 operational failures, not onchain code,” Mitchell Amador, CEO of onchain security platform Immunefi, told CoinDesk in an exclusive interview.
That distinction matters, Amador said, because it suggests something counterintuitive: on-chain security is improving, even as losses keep rising.
“On-chain security is improving dramatically, and will continue to,” he said. “From the perspective of DeFi and onchain protocol code, I believe 2026 will be the best year yet for on-chain security.”
The direction of travel, in other words, is not necessarily toward weaker systems. It is toward more convincing, more sophisticated criminals, Amador suggested. His arguments align with the findings in Chainalysis’ 2026 Crypto Crime Report.
Chainalysis’ report, published this week, captured the same shift from a different angle: criminals are increasingly targeting individuals, not infrastructure. Roughly $17 billion in crypto was lost to scams and frauds in 2025, Chainalysis said, as impersonation and social engineering tactics and artificial intelligence helped scammers increase the number of victims.
Impersonation scams alone showed 1,400% year-over-year growth, Chainalysis said, while AI-enabled scams were 450% more profitable than traditional schemes.
The most recent such scam was exposed just last week as blockchain research ZachXBT revealed a social engineering crime by which a hacker stole $282 million of litecoin and bitcoin. The hackers victim lost 2.05 million LTC and 1,459 BTC, with the loot swiftly being swapped for privacy coin monero through multiple instant exchanges.
Amador said he believes code is getting harder to exploit, leading attackers to adapt and pivot to new sophisticated tactics. “With the code becoming less exploitable, the main attack surface in 2026 will be people,” he said. “The human factor is now the weak link that onchain security experts and Web3 players must prioritize.”
However, Amador said crypto technologists must not rest on their laurels just yet. “Over 90% of projects still have critical, exploitable vulnerabilities,” he said. And even where defensive tooling exists, adoption is thin. “Less than 1% of the industry uses firewalls, and fewer than 10% use AI detection tools.”