Immunefi: DeFi Attack Losses Down 74% from 2022 Peak, AI Accelerates Security Arms Race

Odaily Planet Daily News Web3 security company Immunefi's latest "2026 Ecosystem Vulnerability Audit Report" shows that losses from DeFi protocol hacks have fallen 74% from a peak of $2.62 billion in 2022 to approximately $680.3 million in 2025.

The report notes that the median loss per individual attack has also significantly decreased, from $6 million in 2022 to $1.5 million in 2025, reflecting an overall improvement in security standards. Meanwhile, the share of bridge exploits in total DeFi losses has dropped sharply from 73% in 2022 to 3% in 2025, and the proportion of flash loan attacks has fallen from 54% to less than 1%.

The proportion of risks at the infrastructure level (such as private key leaks and database attacks) also decreased from 30.7% in 2022 to 10.3% in 2025. Immunefi stated that this reflects continuous optimization in oracle design, reentrancy attack protection, and access control standards, making the DeFi ecosystem "generally becoming safer."

However, the report also notes that losses slightly rebounded to $680.3 million in 2025, primarily due to increased complexity in multi-chain systems and a few high-severity incidents. At the same time, the number of independent security incidents continues to rise, indicating the attack surface is still expanding. (The Block)