
The cost of a crypto hack for protocol builders has settled into a brutal baseline, with about $25 million stolen upfront, followed by a steep and often lasting collapse in token value.
That is the picture emerging from Immunefi’s 2026 State of Onchain Security report, which finds the industry still grappling with persistent vulnerabilities even as some defensive practices improve.
The pace has stabilized rather than slowed, with 94 attacks recorded in 2024 and 97 in 2025, matching the elevated levels seen in prior years. Across 2024 and 2025, 191 publicly disclosed incidents drained $4.67 billion, bringing the five-year total to $11.9 billion across 425 hacks, according to the blockchain analytics provider.
What has shifted, however, is the shape of risk.
The median hack has shrunk to about $2.2 million from $4.5 million in the earlier period, suggesting incremental progress in limiting routine exploits. Yet the average loss remains far higher, near $24.5 million, as outsized breaches skew the totals.
According to Immunefi, the widening gap suggests a market dominated by rare but devastating events. The five largest exploits in 2024–2025 accounted for 62% of all funds stolen, while the top ten made up 73%.
A single $1.5 billion breach tied to Bybit represented 44% of all losses in 2025 alone and 32% of the two-year total, skewing the data.
The concentration is not limited to the largest individual exploits. Centralized exchanges, though responsible for just 20 of the 191 incidents, absorbed more than half of the total losses at $2.55 billion. That’s a sign of how custodial risk continues to anchor the industry’s most damaging failures, Immunefi noted.
Market reaction has also turned harsher. Tokens tied to hacked projects decline about 10% within two days on average, a pattern that has remained consistent.
The longer-term damage deepens even further. Median losses have reached 61% after six months, up from 53% in the earlier dataset.
Recovery has become rare as markets punish failures harder. Roughly 84% of affected tokens remain below their pre-hack levels after six months, with only about 16% managing to trade above that mark.
The report said the decline often continues beyond that window rather than stabilizing.
For projects, the impact extends beyond price charts, too. Because many projects hold their tokens as treasury reserves, a 61% drawdown directly cuts into operating runway, hiring capacity and development budgets.
Interconnected systems have added another layer of fragility. The report points to a 2025 stablecoin failure involving deUSD as an example of how losses can cascade through collateral dependencies, freezing withdrawals, triggering forced selling, and wiping out value across multiple protocols.
Inside organizations, the pattern has been consistent, as well. Security leadership often turns over within weeks of a breach. Product work stalls as teams divert resources to remediation, and recovery typically consumes at least three months of focused effort.
© 2026 The Block. All Rights Reserved.