The Truth About Hacking Incidents in 2025: "Human Error" More Dangerous Than Code
The real cause behind the hacking damages in 2025: *Human mistakes* are more perilous than the malicious code itself.
As cybersecurity measures become more sophisticated, attackers are increasingly exploiting human vulnerabilities.
**Key factors include:**
- Lack of proper training
- Negligence in handling sensitive information
- Failure to follow security protocols
To prevent future incidents, organizations must focus not only on technical defenses but also on educating their staff about security awareness.

2025 was a dramatic year for the cryptocurrency industry, as hacking incidents set new records. However, an important turning point has emerged here. While enormous losses occurred, the main causes were not vulnerabilities in smart contracts, but rather classic Web2-era issues such as stolen passwords, manipulated employees, and sophisticated scams.

What emerges from Chainalysis’s latest report and Mitchell Amador, CEO of on-chain security platform Immunefi, is the fact that the battlefield of the crypto security war is fundamentally changing.

Losses Reach Record High, but Perpetrators Are “Scammers”

In 2025, cryptocurrency losses amounted to approximately $17 billion. Behind this astonishing figure is not traditional system intrusions, but the rapid evolution of sophisticated attack methods targeting humans directly.

According to Chainalysis data, damages from scams, impersonation, and social engineering have surged year-over-year, with a staggering 1,400% increase in impersonation scams alone. Even more shocking is the fact that the profitability of scams utilizing AI technology exceeds traditional methods by 450%.

A specific example of this trend is an incident revealed by blockchain researcher ZachXBT in January. The hacker used only social engineering techniques to steal Bitcoin and Litecoin worth $282 million. The stolen 2.05 million Litecoins and 1,459 Bitcoins were quickly exchanged into Monero through multiple instant exchange services.

The key point is that this massive theft did not require code destruction. The attacker simply exploited human factors.

On-Chain Defense Is Evolving, the True Threat Is Shifting to “Humans”

It may seem contradictory at first glance, but on-chain security itself has dramatically improved.

Amador emphasized this important distinction in an exclusive interview with CoinDesk. “From the perspective of DeFi and on-chain protocols, I am confident that 2026 will be the best year ever for on-chain security.”

Vulnerabilities in smart contracts have decreased, and security audit technologies have also evolved. As a result, attackers’ focus has shifted. It has become more efficient to manipulate humans than to break code.

Amador clearly states, “The main targets of attacks in 2026 will be humans. Human factors are the weakest link we must prioritize.”

However, the industry still faces significant challenges in preparedness. According to security experts’ surveys, more than 90% of projects still have critical and exploitable vulnerabilities, and the adoption rate of defense tools remains very low. Industry-wide, firewall implementation is below 1%, and AI detection tools are under 10%.

New Threats in 2026: AI-Driven Hacking and Autonomous Agent Risks

The evolution of hacking does not stop here. Amador hints at the biggest concerns for 2026.

“In 2026, AI will change the tempo for both defenders and attackers. Defenders will rely on AI-driven monitoring and response systems that operate at machine speed, but attackers will also use the same tools to conduct vulnerability scans, develop exploits, and carry out large-scale social engineering.”

A more serious issue is the emergence of on-chain AI agents (autonomous smart contracts that make decisions independently). These agents operate faster and more powerfully than human manipulation, but if their access points are compromised, they could cause damage on an uncontrollable scale.

“Learning how to properly protect agents is still in its early stages,” warns Amador. “This will become one of the biggest security challenges in the next cycle.”

The Battlefield of Hacking Incidents Shifts from “Technology” to “Operations”

The scale of hacking incidents in 2025 highlights not technical challenges faced by the industry, but the importance of operational discipline and human risk management.

When considering Chainalysis’s report and Immunefi’s analysis together, a clear future picture of the crypto security war emerges. It is not a battle against on-chain code vulnerabilities, but rather the development of more complex, multi-layered defense strategies in areas such as user interfaces, corporate governance, monitoring systems, and education.

From 2026 onward, the key to effective hacking countermeasures will not be the latest security code audit tools, but organizational culture rooted in employee training, device management, and access control. The era where the security of crypto assets can be protected solely by blockchain technology is coming to an end.