Hacked crypto tokens drop 61% on average and rarely recover, Immunefi report says
A new security report from Immunefi reveals that crypto hacks result in an average loss of $25 million per incident, with token prices dropping a median of 61% within six months of a breach. The study, which analyzed 425 incidents between 2021 and 2025, highlights that centralized exchange breaches drive the majority of losses and that most hacked tokens rarely recover their pre-exploit value.
A new security report from Immunefi finds that crypto hacks continue at a steady pace while losses are becoming more concentrated in a small number of massive exploits.
Analyzing 425 publicly known incidents between 2021 and 2025, the report estimates that the average hack now results in about $25 million in stolen funds. In 2024 and 2025 alone, 191 hacks led to $4.67 billion in losses, with just five incidents accounting for 62% of the total.
Despite representing fewer incidents, centralized exchange breaches drove the majority of losses. Twenty exchange hacks accounted for roughly $2.55 billion, or about 55% of the total, reflecting how large pools of user funds are concentrated behind fewer points of failure.
Token markets also appear to be reacting more harshly to breaches. Across 82 hacked tokens tracked in the study, prices fell a median 61% within six months, with 83.9% remaining below their hack-day price over that period.
“The market has become less forgiving because expectations have changed,” Immunefi CEO Mitchell Amador told Cointelegraph, adding that breaches are now seen as signals of deeper issues in engineering, governance and operational resilience.
Amador said the long-term impact of exploits often extends well beyond the initial loss: > The stolen funds are only the first layer of damage. What follows is often more destructive: sustained token price suppression, reduced treasury capacity, leadership disruption, lost development time, and erosion of user trust.
The report also highlighted how interconnected DeFi systems can amplify the fallout from a single incident, with failures cascading across lending, collateral and liquidity networks.
One example involved the collapse of Elixir’s deUSD stablecoin in November 2025. Elixir had parked roughly 65% of deUSD’s collateral with Stream Finance, which disclosed a $93 million loss from an external fund manager. As Stream’s stablecoin xUSD fell 77%, deUSD’s backing deteriorated, redemptions halted and panic selling hit Curve pools, ultimately pushing deUSD down more than 97%.
Recent exploits highlight ongoing security risks in crypto While crypto-related hack losses fell to $26.5 million in February, the lowest monthly total in nearly a year, according to PeckShield, several security incidents have already surfaced in March.
Researchers at Google reported a new exploit kit targeting Apple iPhone users that is designed to steal cryptocurrency wallet seed phrases. The toolkit, known as Coruna, contains multiple exploit chains capable of targeting devices running various versions of Apple’s iOS and has been linked to phishing websites posing as crypto platforms.
The Bitcoin-based DeFi platform Solv Protocol also reported that one of its token vaults was exploited for roughly $2.7 million, affecting fewer than 10 users. The project said it would cover the losses and offered the attacker a 10% bounty in exchange for returning the funds while security firms investigate the breach.
Separately, the domain of Bonk.fun was hijacked after attackers gained access to a team account and deployed a wallet-draining scheme through the site. The project warned users not to interact with the platform while the team worked to regain control of the domain.
Meanwhile, NFT lending platform Gondi disabled a faulty smart contract after an exploit allowed an attacker to steal roughly $230,000 worth of NFTs. The project said it is compensating affected users while investigating the vulnerability, which involved a contract used to sell escrowed NFTs and repay loans.
