Immunefi: DeFi Attack Losses Down 74% from 2022 Peak, AI Accelerates Security Arms Race

Odaily News, Web3 security company Immunefi has released its latest "2026 Ecosystem Vulnerability Audit Report," which shows that losses from DeFi protocol hacks have decreased by 74% from the 2022 peak of $2.62 billion, to approximately $680.3 million in 2025.

The report points out that the median loss per attack has also dropped significantly, from $6 million in 2022 to $1.5 million in 2025, reflecting an overall improvement in security levels. At the same time, the proportion of bridge exploits relative to total DeFi losses has dropped sharply from 73% in 2022 to 3% in 2025, while the proportion of flash loan attacks has also fallen from 54% to less than 1%.

Risks at the infrastructure level (such as private key leaks and database attacks) have also decreased from 30.7% in 2022 to 10.3% in 2025. Immunefi stated that this reflects ongoing optimization of oracle design, reentrancy attack protection, and access control standards, making the DeFi ecosystem "becoming safer overall."

However, the report also notes that losses slightly rebounded to $680.3 million in 2025, primarily due to increased complexity in multi-chain systems and a few high-severity incidents. Meanwhile, the number of independent security incidents continues to rise, indicating that the attack surface is still expanding. (Source: The Block)