Immunefi: DeFi exploit losses down 74% since 2022

Immunefi reports DeFi exploit losses fell 74% from $2.62B in 2022 to $680.3M in 2025 and warns AI is accelerating a security arms race in crypto.

Immunefi's 2026 Ecosystem Vulnerability Audit reports that DeFi exploit losses fell 74% from $2.62 billion in 2022 to $680.3 million in 2025. The audit covers exploit-driven losses across major blockchain ecosystems from 2020 through 2025.

The report records a 75% decline in median loss per exploit, from $6 million in 2022 to $1.5 million in 2025, a metric the firm describes as particularly telling. It finds ecosystem-class attacks, including flash-loan oracle manipulations and reentrancy exploits, fell from nearly 19% of losses in 2022 to under 1% in 2025. Infrastructure failures such as private-key compromises and database attacks declined from 30.7% to 10.3% over the same period.

Bridge exploit losses dropped from 73% of DeFi losses in 2022 to 3% in 2025. Flash-loan attacks, which accounted for 54% of losses in 2020, represented less than 1% by 2025. Private-key compromises fell from 28.7% of losses in 2022 to 8.1% in 2025.

Immunefi attributes the overall decline to changes in protocol design and stronger security practices, citing improvements in oracle construction, reentrancy protections and access-control standards that reduce attack surfaces. The firm reports a modest rebound in dollar losses from $534 million in 2024 to $680.3 million in 2025, which it links to increased complexity from multi-chain deployments and a small number of high-severity incidents rather than a broad deterioration.

Two large exchange incidents were excluded from the ecosystem rankings: a $1.5 billion loss at Bybit in February 2025 and a $305 million loss at DMM Bitcoin in 2024. Immunefi says those failures resulted from custodial key management and centralized exchange operations rather than protocol vulnerabilities in blockchain ecosystems.

The audit notes a rise in the number of unique incidents even as total dollar losses fell. Mitchell Amador, Immunefi's CEO, warned that artificial intelligence is changing how attacks and defenses operate. He noted, “AI lowers the barrier to entry for attackers, helping more people read codebases faster and automate parts of vulnerability discovery.” He added, “Triage, monitoring, pattern recognition and simulating edge cases all scale with good tooling,” and said teams that combine AI with disciplined human review, formal audits and active bug bounty programs will gain an advantage. He described hundreds of millions of dollars in annual losses as “still unacceptable.”

Amador cautioned that future systemic failures could come from shared assumptions and common dependencies across the industry, pointing to shared code, shared signers, common infrastructure providers, front ends, oracles and deployment practices as potential sources of simultaneous failures.

The audit presents quantitative shifts in loss types and sizes from 2020 through 2025 and documents the growing role of automated tools on both offense and defense without offering operational recommendations.

The content on The Coinomist is for informational purposes only and should not be interpreted as financial advice. While we strive to provide accurate and up-to-date information, we do not guarantee the accuracy, completeness, or reliability of any content. Neither we accept liability for any errors or omissions in the information provided or for any financial losses incurred as a result of relying on this information. Actions based on this content are at your own risk. Always do your own research and consult a professional. See our Terms, Privacy Policy, and Disclaimers for more details.

Articles by this author