CoinDesk Indices, Crypto Hacking, crypto hacks, Hackers, North Korea, Blockchain Security, CoinDesk Indices, Crypto Long & Short, Opinion, Opinion If the DeFi industry doesn’t adopt the security tools we’ve already built, then we will watch institutional capital deploy elsewhere while hackers fund their operations with our losses, writes Immunefi’s Mitchell Amador. 

Crypto is superior to traditional finance. Unlike SWIFT, which can take days to process payments, newer blockchain networks achieve finality in mere seconds and have throughput sufficient for real-world mass adoption. U.S. Treasury Secretary Bessent projects stablecoins alone will hit $3.7 trillion by 2030. That’s the equivalent of Germany’s GDP.

Despite its technological edge, crypto has a major security problem. We’re on track to lose around 4% of total value locked to hacks in 2025. In H1 alone, the industry lost over $2 billion. When annualized, that points to over $4 billion flowing into hackers’ wallets this year.

If these losses were mirrored in traditional finance, the entire system would collapse. Yet crypto normalizes catastrophic loss rates while wondering why JPMorgan isn’t moving their balance sheet on-chain.

Hacks cost more than you think

The real damage goes far beyond immediate theft. It’s a burden on the whole ecosystem and it gets priced in. Hacked protocols suffer a median 52% token price decline over six months, with the majority still showing price suppression half a year later.

For an industry aspiring to manage the world’s wealth, this is an existential problem. No traditional financial market could survive with annual theft rates approaching 4%. To unlock the institutional flood gates and bring the next trillion on-chain, we must drive hack rates below 1% – now.

The North Koreans are stalking your development team

The moment a crypto project announces funding, North Korean hackers begin social engineering attacks on development teams. They’ve gotten scary good at it. Look at the Radiant Capital hack – $50 million gone because attackers compromised devices through malware that infected transaction signing.

The most painful part of all of this is that we have the tools to stop this, and they keep getting better. AI-driven monitoring systems can spot and resolve critical security issues before code is deployed, catching vulnerabilities that humans miss. Auditing services connect projects with elite Web3 security researchers to deliver tailored security reports. We have the tools, yet projects still ship with single pre-launch audits and pray. Protocols set rewards to identify vulnerabilities at 1% of funds at risk when they should be at 10%. Moreover, they skip monitoring because it seems expensive until they’re explaining to users why $50 million vanished.

How to make crypto ready for primetime

Reducing hack rates below 1% is an engineering challenge we already know how to solve. Protocols must embrace comprehensive security stacks: continuous monitoring, meaningfully priced security rewards to encourage security researchers, formal verification for critical components and AI-powered threat detection. The cost is trivial compared to the potential losses.

Banks and institutions see these hack rates. They run the math. And they conclude – correctly – that crypto isn’t ready for prime time.

DeFi survived every market crash with no systemic bad debt. We solved the technical problems. Security can’t be an afterthought. Either we adopt the security tools we’ve already built, or we watch institutional capital deploy elsewhere while hackers fund their operations with our losses.

 CoinDesk: Bitcoin, Ethereum, Crypto News and Price Data Read More