DeFi Exploit Losses Fell 74% in 2025 From 2022 Peak: Immunefi

Total value lost to exploits across decentralized finance (DeFi) protocols dropped to $680.3 million in 2025, a 74% decline from the $2.62 billion high recorded in 2022, according to a new report from Web3 security firm Immunefi. The data, cited by The Block, suggests that despite the industry's hand-wringing over AI-powered threats, DeFi is quietly getting harder to rob.

Steep decline in both total losses and average incident cost

The report highlights a parallel drop in the average loss per exploit, which fell 75% from $6 million in 2022 to $1.5 million in 2025. Fewer whales are getting harpooned, and the ones that do are getting off lighter. Immunefi's findings span a broad range of on-chain protocols, lending platforms, and cross-chain bridges, all of which have historically dressed up as "honeypots" for attackers.

AI threats remain theoretical as real-world security improves

Much of the recent chatter around DeFi security has fixated on the potential for AI-powered attacks, including automated vulnerability scanning and more sophisticated social engineering. The Immunefi data, however, suggests that actual security gains—better auditing practices, faster bug bounty programs, and more robust smart contract standards—are outpacing the threat landscape. The report notes that the DeFi sector is increasingly secure, even as AI tools become more accessible to anyone with a laptop and poor intentions.

What this means for the broader crypto ecosystem

For institutional investors and retail users alike, the downward trend in exploit losses signals a maturing market. Security remains the perennial top concern for DeFi adoption, and the data offers concrete evidence that the industry's investment in protective infrastructure is paying off. It also nudges the narrative away from fear-driven headlines toward a more measured view of risk and reward in decentralized finance.

Conclusion

The 74% reduction in DeFi exploit losses from 2022 to 2025 marks a significant milestone for Web3 security. No system is immune to attack—anyone who tells you otherwise is probably selling one—but the Immunefi report underscores that the ecosystem is learning from past incidents and building more resilient protocols. Continued vigilance and proactive security measures will be essential to keep this trajectory pointed in the right direction.

FAQs

Q1: What caused the 74% drop in DeFi exploit losses? The decline is attributed to improved smart contract auditing, faster bug bounty programs, better incident response practices, and the overall maturation of security infrastructure across the DeFi ecosystem.

Q2: Are AI-powered attacks a real threat to DeFi? While AI tools are a growing concern, the Immunefi report indicates that actual security improvements have so far outpaced AI-driven threats. The industry is actively preparing for potential AI-enabled attacks.

Q3: Which types of DeFi protocols were most affected by exploits in 2025? The report covers a wide range of protocols, but cross-chain bridges and lending platforms have historically been the most targeted. The overall trend shows declining losses across all major categories.