Crypto promises faster, cheaper payments than legacy finance, but security losses are eroding that advantage. The industry is on track to lose around 4% of total value locked to hacks in 2025; in H1 it lost over $2 billion, which annualizes to more than $4 billion this year. These are not small operational hiccups — they are existential holes in the value proposition.
The damage goes well beyond stolen funds. Hacked protocols suffer a median 52% token price decline over six months, and many tokens remain depressed half a year later. That price impact, plus operational and reputational costs, is factored into valuations and raises the cost of capital for every project.
State-backed actors and organized crime are actively targeting development teams. North Korean attackers, in particular, use social engineering and malware to compromise signing devices — as seen in the Radiant Capital breach that cost roughly $50 million. These incidents show how human and operational weaknesses, not just smart-contract bugs, drive the biggest losses.
The good news is the tools to stop much of this already exist. Continuous monitoring, AI-driven threat detection, formal verification for critical components, ongoing audits and meaningful bug bounties form a layered defense that catches problems before they become catastrophic. Yet many projects rely on a single pre-launch audit, set rewards too low to attract top researchers, and skip continuous monitoring until it’s too late.
To bring institutional money on-chain and scale stablecoins toward the projected $3.7 trillion market, DeFi must push hack rates below 1%. Practically, that means adopting comprehensive security stacks, increasing bounty sizes to reflect real risk, running continuous post-deploy monitoring, and formalizing incident response. The cost of these measures is trivial compared with the billions flowing to attackers.
If the industry fails to act, institutions will rationally keep capital in traditional markets — and hackers will keep funding operations with our losses. The choice is clear: prioritize security now or accept that growth will be limited by avoidable theft.
Source: CoinDesk. Read the original coverage for full details.
