According to Mitchell Amador, CEO of Web3 security platform Immunefi, almost four out of five crypto projects that suffer a major breach will never fully recover.
Amador told Cointelegraph that most protocols go into paralysis when an exploit is detected. “Most protocols are fundamentally unaware of the extent to which they are vulnerable to hacking and are not operationally prepared for a major security incident,” he said.
According to Amador, the first hours after a break-in are often the most damaging. Without a predetermined incident plan, teams hesitate, debate next steps, and underestimate how deep compromise can go. “Decision-making slows down as teams try to understand what happened, leading to improvisation and delays in action,” he said, adding that this often happens when additional losses occur.
Projects often avoid pausing intelligent contracts for fear of reputational damage, and communication with users is completely broken down. Amador warned that silence reinforces panic rather than deters it.
“Nearly 80% of projects that suffer a hack are never fully recovered,” he said. “The main reason is not the initial loss of resources, but the breakdown of operations and confidence during the response.”
Related: Truebit exploit reveals intelligent contract vulnerability behind $26 million token mint
Most projects won’t survive even after a major hack is fixed
Trust has become the most sensitive asset in cryptocurrencies. Alex Katz, CEO and co-founder of Web3 security firm Kerberus, said that even technically resolved incidents often mark the beginning of the end. “There are always exceptions, but in most cases a serious exploit is a death sentence,” Katz said, noting that users leave, liquidity declines and reputational damage becomes constant.
While intelligent contracts capture the once-dominant headlines, recent losses are increasingly the result of operational and human errors. “Human error is by far the weakest link in cryptographic security,” Katz said, explaining that most losses now result from users approving malicious transactions, interacting with bogus interfaces or unknowingly revealing their keys.
Earlier this month, a cryptocurrency user lost over $282 million worth of Bitcoin (BTC) and Litecoin (LTC) in one of the largest social engineering attacks ever recorded in the cryptocurrency sector. According to reports, the user was deceived by an attacker impersonating Trezor, who tricked him into revealing the seed phrase of the hardware wallet.
Crypto hacks increased in 2025, with attackers targeting major platforms and individual wallets, bringing total losses to $3.4 billion, the highest level since 2022. Just three incidents, including the $1.4 billion Bybit hack, accounted for 69% of all losses through early December.
“Outside of Bybit, we have seen an increase in similar attacks that completely bypass smart contracts and exploit protocol vulnerabilities,” Amador noted.
Advances in artificial intelligence have only made these attacks more effective. Amador said social engineering campaigns can now scale quickly, allowing attackers to send thousands of customized phishing messages a day.
Related: The hidden risk of public Wi-Fi: How a single opt-in wiped out your cryptocurrency wallet
2026 could be the strongest year in cryptocurrency history
Despite the grim statistics, cryptocurrency experts remain confident. Amador believes that intelligent contract security is improving faster than ever, thanks to better programming practices, more effective audits, and more mature tools. “I think 2026 will be the best year ever for smart contract security,” he said, pointing to the growing exploit of onchain monitoring, firewalls and threat intelligence.
However, the unresolved problem is readiness to react. Amador emphasized that teams should act decisively and communicate immediately when an incident occurs, even if its full scope is not clear. He argued that stopping the protocols early is much less harmful than allowing a spiral of uncertainty.
Warehouse: How cryptocurrency regulations have changed in 2025 – and how they will change in 2026
