The aftermath of a cryptocurrency hack extends far beyond the immediate loss of funds. While the initial theft is swift and conspicuous, the ongoing repercussions can create a slow but severe unraveling of the entire project.
As tokens plummet in value, the associated treasury dwindles simultaneously, leading to cutbacks on hiring, delayed product milestones, and abandonment by partners. What was initially a promising venture spends countless months struggling to regain credibility rather than focusing on growth.
This troubling scenario is starkly outlined in Immunefi’s new report, “State of Onchain Security 2026.” The core message is straightforward, relevant to both crypto markets and beyond: the immediate loss from a hack is merely a fraction of the true damage inflicted.
Immunefi notes that the average direct theft analyzed in its study reached approximately $25 million, while hacked tokens experienced a median six-month price drop of 61%. Alarmingly, 84% of these tokens failed to reclaim their value by the six-month benchmark, and teams typically lost a minimum of three months in recovery efforts.
However, interpreting these statistics requires caution. Token values fluctuate for a multitude of reasons, and many projects may have exhibited inherent weaknesses prior to any exploit. Some projects struggle with illiquidity, being overvalued, or facing dwindling momentum.
Immunefi clearly recognizes the challenges in disentangling the fallout from hacks versus broader market trends or specific project challenges. Nevertheless, its findings highlight a crucial pattern: hacks have morphed into long-term crises rather than being mere isolated incidents.
While median hacks have reduced, the most significant threats have intensified
The report shows that Immunefi recorded 191 hacks from 2024 to 2025, totaling $4.67 billion, raising the five-year tally to 425 hacks and $11.9 billion in losses.
The annual count remained relatively stable, with 94 known hacks in 2024 and 97 in 2025; this consistency reveals that the market has not significantly enhanced its safety protocols. Hacks have become an omnipresent element in the crypto landscape, even as colossal breaches continue to dominate headlines.
A key contradiction within the report lies in the averages. The median theft for the years 2024-2025 was $2.2 million, down from $4.5 million in the previous cycle. This might suggest improvements at first glance. However, the average theft in this timeframe was approximately $24.5 million, significantly above the median and an increase in disparity compared to earlier figures. Notably, the top five hacks constituted 62% of the total stolen funds, and the top ten made up 73% of the total.
This alarming distribution pattern masks substantial underlying risks. While the typical exploitation may appear smaller, the actual dangers burgeon from the infrequent but catastrophic events that can cause widespread market turmoil.
A case in point is the Bybit hack, which saw $1.5 billion stolen in what became 2025’s defining incident, representing a staggering 44% of the year’s total stolen funds.
These events should not be viewed merely as isolated occurrences but rather as symptomatic of deeper systemic vulnerabilities. A catastrophic failure at a major platform can disrupt the market’s annual profile, unveiling latent risks concentrated in a few pivotal chokepoints.
The longer-term repercussions where projects begin to unravel
While the theft figures may pique interest, the report’s analysis on price depreciation offers particularly striking insights. In Immunefi’s examination of 82 hacked tokens, the initial shock mirrored previous data, with a median two-day drop of about 10%. However, the subsequent six-month decline escalated to 61%, exceeding the 53% decline reported in the prior cycle.
At the six-month interval, more than half of the hacked tokens (56.5%) saw their prices cut by over 50%, while 14.5% plunged by more than 90%. A mere 16% maintained values above their prices at the time of the hack six months later.
To grasp the full impact of a hack, it’s crucial not to regard token valuations as isolated market indicators. For many cryptocurrency enterprises, the token serves as their treasury, financial base, and a public performance metric. A prolonged decline directly affects the company’s operational runway, recruitment capabilities, potential deals, and overall employee morale.
The report indicates that projects recovering from hacks frequently experience a rapid loss of security expertise and typically take at least three months to stabilize. Even if recovery timelines differ among projects, the negative consequences are apparent. With a tarnished token and brand, a company has fewer avenues and resources to regain its footing.
Various markets can often absorb a theft, a disappointing quarter, or even a hit to their reputation. However, in cryptocurrencies, these calamities often converge into a single cataclysm, draining funds, re-evaluating public perception, and triggering counterparty actions before internal recovery efforts have even commenced. This creates a hostile environment for recovery, particularly for teams that weren’t already overly capitalized.
The interconnected nature of today’s DeFi landscape exacerbates challenges stemming from hacks, as Immunefi points out. The complex web of relationships across bridges, stablecoins, liquid staking, restaking, and lending markets creates longer vulnerability chains.
This situation warrants careful consideration, especially since some case studies included in the report require external validation. Yet, it’s impossible to overlook the trend: cryptocurrency infrastructure is more layered than it was in previous years, enabling hacks to extend their damage beyond their initial targets.
Centralized platforms remain crucial in this dynamic, situated close to the epicenter of risk. Despite only 20 of the 191 hacks in 2024-2025 involving centralized exchanges, those incidents accounted for $2.55 billion or 54.6% of all stolen funds.
This highlights a greater issue that goes beyond bugs in smart contracts; it delves into matters concerning custody, key management, and infrastructure reliance. While the crypto sector often touts decentralization as a remedy for fragility, the most significant losses frequently arise from concentrated points of trust.
However, this doesn’t imply that every project subjected to a hack is destined for failure. The industry has evolved into a phase where survival hinges not just on a team’s ability to withstand a hack, but rather on its resilience in managing the subsequent six-month period.
The initial theft initiates the crisis, but the enduring damage ultimately determines whether a project can secure its future once the market continues its journey.
