Cryptocurrency’s security story is changing, and not in the way most investors expect or would like: while crypto losses are on the rise, so too is onchain security.
Even as 2025 went down as the worst year for hacks on record, the biggest failures weren’t born onchain; instead, they were operational. Passwords, keys, compromised devices, manipulated employees, fake support agents. Human error, not broken code.
“Despite 2025 being the worst year for hacks on record, those hacks stem from Web2 operational failures, not onchain code,” Mitchell Amador, the CEO of bug bounty platform Immunefi, told CoinDesk in an exclusive interview.
That distinction matters, Amador said, because it suggests something counterintuitive: on-chain security is improving, even as losses keep rising.
“On-chain security is improving dramatically, and will continue to,” he said. “From the perspective of DeFi and onchain protocol code, I believe 2026 will be the best year yet for on-chain security.”
The direction of travel, in other words, is not necessarily toward weaker systems. It is toward more convincing, more sophisticated criminals, Amador suggested. His arguments align with the findings in Chainalysis’ 2026 Crypto Crime Report.
Scams are starting to outpace hacks
Chainalysis’ report, published this week, captured the same shift from a different angle: criminals are increasingly targeting individuals, not infrastructure. Roughly $17 billion in crypto was lost to scams and frauds in 2025, Chainalysis said, as impersonation, social engineering tactics and artificial intelligence helped scammers increase the number of victims.
Impersonation scams alone showed 1,400% year-over-year growth, Chainalysis said, while AI-enabled scams were 450% more profitable than traditional schemes.
The most recent such scam was exposed just last week, when blockchain researcher ZachXBT revealed a social engineering crime in which a hacker stole $282 million of litecoin and bitcoin. The hacker’s victim lost 2.05 million LTC and 1,459 BTC, with the loot swiftly being swapped for privacy coin monero through multiple instant exchanges.
Amador said he believes code is getting harder to exploit, leading attackers to adapt and pivot to new sophisticated tactics. “With the code becoming less exploitable, the main attack surface in 2026 will be people,” he said. “The human factor is now the weak link that onchain security experts and Web3 players must prioritize.”
However, Amador said crypto technologists must not rest on their laurels just yet. “Over 90% of projects still have critical, exploitable vulnerabilities,” he said. And even where defensive tooling exists, adoption is thin. “Less than 1% of the industry uses firewalls, and fewer than 10% use AI detection tools.”
AI is changing the tempo for everyone
“In 2026, AI will change the tempo of security on both sides,” Amador said. “Defenders will rely increasingly on AI-driven monitoring and response that operates at machine speed, while attackers use the same tools for vulnerability research, exploit development, and social engineering at scale.”
Amador’s most forward-looking warning, however, isn’t about smart contracts or wallets. It’s about what happens when crypto systems start executing decisions on their own.
“This opens a new attack surface,” Amador said. “Onchain AI agents can be faster and more powerful than human operators, and they’re uniquely vulnerable to manipulation if their access paths or control layers are compromised.”
“We’re still early in learning how to secure agents properly,” he added, “and that’s going to be one of the defining security challenges of the next cycle.”
Chainalysis’ data demonstrates scammers are getting better at extracting value from individuals. Amador’s view suggests protocols are getting better at resisting pure code exploits. Together, they point to a future where crypto’s security battle is fought less onchain and more in user interfaces, corporate controls, monitoring systems, and education.
coindesk.com