Theft Is Just the Beginning: The Slow Collapse Behind Cyber Attacks

比推Publicado a 2026-03-23Actualizado a 2026-03-23

Resumen

The article "Theft Is Just the Beginning: The Slow Collapse Behind Hacker Attacks" discusses the long-term impacts of cryptocurrency hacks beyond the initial financial loss. Based on Immunefi’s "2026 On-Chain Security Report," the analysis reveals that while attacks themselves are swift, the aftermath unfolds over months, causing prolonged damage such as declining token prices, reduced funding, halted hiring, and delayed development. Key findings include: - The median direct loss per attack is around $25 million, but tokens experience a median drop of 61% within six months, with 16% recovering to pre-attack levels. - Although the number of attacks remains steady (94 in 2024, 97 in 2025), the concentration of losses is alarming: the top five attacks accounted for 62% of total stolen funds. - Centralized platforms, though fewer in attack frequency, represent over half of the financial losses, highlighting persistent vulnerabilities in trusted intermediaries. The report emphasizes that the true crisis begins after the theft—projects face extended recovery periods, reputational harm, and operational disruption, making survival particularly challenging for less-resourced teams. The interconnected nature of DeFi ecosystems further amplifies risks, as single incidents can trigger broader market repercussions. Ultimately, the article underscores that resilience is not just about preventing hacks but enduring their prolonged secondary effects.

Author: Andjela Radmilac

Compiled by: Saoirse, Foresight News

Original title: Under the Shadow of Hackers, More Than Just the Demise of Funds

Cryptocurrency exploits can drain a wallet in minutes, but the full extent of the losses often takes months to fully materialize. Token prices continue to fall, project treasuries shrink, hiring freezes, and even projects that survive the theft may completely lose their future in the subsequent turmoil.

Cryptocurrency hacks never end the moment the wallet is emptied. The theft is swift and direct, followed by a slower collapse that begins to spread within the project.

Tokens continue to decline, funding pools shrink accordingly, hiring plans are cut, product development is delayed, and partners withdraw one after another. Projects that should be focusing on recovery end up spending months rebuilding credibility instead of building.

This is precisely the scene depicted in Immunefi's latest "2026 On-Chain Security Status Report." Its core argument applies to any market—whether in the crypto industry or traditional sectors: the initial loss is only part of the damage.

The more serious issue lies in the devastating impact of the exploit on the project's future. Immunefi data shows that the average direct amount stolen per attack in their sample was approximately $25 million, while the median drop in stolen tokens within six months was as high as 61%. During this period, 84% of the tokens failed to return to their pre-attack prices, and project teams spent at least three months on post-incident recovery, delaying normal development.

However, this data comes with a caveat: token declines have multiple causes, and many projects were already vulnerable before the attack—suffering from poor liquidity, overvaluation, or having already lost momentum.

Immunefi acknowledges that they cannot completely separate the impact of hacks from broader market weakness or the projects' own issues. Even so, the patterns revealed in the report are still noteworthy: hacker attacks are no longer isolated theft events but more like a long-tail corporate crisis.

The value of this report lies in its proof that, after the热点 news fades, the后续 effects of hacker attacks continue to cause long-term harm.

Median Attack Losses Are Decreasing, but Extreme Attacks Are Becoming More Dangerous

According to Immunefi's statistics, 191 crypto attacks occurred in 2024-2025, with total losses of $4.67 billion; over five years, 425 attacks累计 occurred, with total losses reaching $11.9 billion.

The number of attacks per year has hardly changed: 94 in 2024, 97 in 2025, roughly flat with 2023. This indicates that the overall security of the market has not significantly improved. Hacker attacks have become the norm in the crypto industry, and a few giant attacks are enough to define the industry's risk for an entire year.

The report reveals a core contradiction:

The median loss from attacks in 2024-2025 was $2.2 million, lower than the $4.5 million in 2021-2023. On the surface, this seems like progress. However, the average loss was still about $24.5 million, more than 11 times the median; previously, this gap was only 6.8 times. The top five attacks accounted for 62% of all stolen funds; the top ten accounted for 73%.

This is an extremely dangerous distribution pattern: the market appears stable and safe until a giant event tears it apart. The scale of ordinary attacks has become smaller, but the real致命 risk lies in the tail—a few特大 incidents absorb the vast majority of losses and冲击 the entire market in a single day.

The most typical case is Bybit. The exchange's $1.5 billion exploit became the most iconic hack of 2025, with this single incident accounting for 44% of all funds stolen that year.

It's easy to view such events as news spectacles, but they expose a deeper problem of risk concentration: a single failure at a core platform is enough to distort the annual loss structure of the entire industry, revealing that huge risks are still piled up on a few critical nodes.

The Protracted Decline Is Where the Project Truly Begins to Collapse

The data on stolen funds in the report is certainly noteworthy, but the most alarming part is the section on price impact.

In Immunefi's sample of 82 hacked tokens:

Within two days of the hack, the median drop was about 10%, roughly flat with the previous cycle;
But the real冲击 emerged later: the median drop expanded to 61% after six months, higher than the 53% in 2021-2023.

Six months later:

56.5% of the hacked tokens had fallen more than 50%;
14.5% had fallen more than 90%;
Only about 16% of tokens returned to or exceeded their pre-attack price levels.

Chart shows the median token price decline for 82 hacked tokens in Immunefi's sample from 2024 and 2025 (Source: Immunefi)

To understand the full impact of a hack, we can no longer view token price as an isolated market indicator. For the vast majority of crypto projects, the token is the treasury, the foundation for fundraising, and the public report card of credibility. A prolonged暴跌 directly cripples the project's operational cycle, hiring ability, bargaining power in partnerships, and internal morale.

The report points out that projects that suffer attacks often lose their security lead within weeks and enter a recovery period of at least three months. Even if the timeline varies by project, the consequences are clear: projects with crashed tokens and damaged brands have almost no breathing room or chance for a turnaround.

Many markets can withstand a theft, a bad quarter, or even a reputation crisis. But the crypto industry often compresses all three into the same event: the attack empties the treasury → the token暴跌 publicly revalues the project → partners withdraw before the internal cleanup is even finished.

Recovery in this environment is extremely difficult, and致命 for teams that were not well-funded to begin with.

Interdependency makes the situation worse. Immunefi believes the DeFi ecosystem has become increasingly interconnected, forming longer, more fragile risk chains between cross-chain bridges, stablecoins, liquid staking, restaking, and lending markets.

Although some cases in the report require external verification, the overall trend is undeniable: today's crypto systems have more complex layers, meaning the impact of a single attack will extend far beyond the affected protocol itself.

Centralized platforms remain at the epicenter of explosions.

The report shows that out of the 191 attacks in 2024-2025, only 20 targeted centralized exchanges, but these 20 caused losses of $2.55 billion, accounting for 54.6% of the total losses.

This shifts the problem from smart contract vulnerabilities back to asset custody, key management, and over-concentrated infrastructure. For an industry that often sells itself on "decentralized risk resistance," most of the huge losses still occur on highly trusted, centralized nodes.

But this does not mean all hacked projects are doomed to fail. The industry has entered a new phase: a project's survival no longer depends on whether it can withstand an attack, but on whether it can withstand the six months *after* the attack.

Theft is just the beginning of the crisis. What truly determines whether a project has a future is the long, slow,持续的 secondary damage that follows the attack.

Twitter:https://twitter.com/BitpushNewsCN

Bitpush TG Discussion Group:https://t.me/BitPushCommunity

Bitpush TG Subscription: https://t.me/bitpush

Original link:https://www.bitpush.news/articles/7622471

Preguntas relacionadas

QWhat is the main finding of Immunefi's '2026 On-Chain Security Status Report' regarding the impact of crypto hacks?

AThe main finding is that the initial theft is only part of the damage; the more severe problem is the devastating impact on a project's future, including prolonged token price declines, drained treasuries, halted hiring, and delayed development, which can lead to a slow, long-term collapse.

QAccording to the report, what was the median percentage drop in the price of hacked tokens after six months?

AThe median percentage drop in the price of hacked tokens after six months was 61%.

QWhat does the report reveal about the distribution of losses from crypto hacks between 2024 and 2025?

AThe report reveals a highly dangerous distribution: while the median attack loss decreased, the average loss was high, and a small number of extreme attacks accounted for the majority of the losses. The top 5 attacks represented 62% of all stolen funds, and the top 10 represented 73%.

QWhich type of platform was responsible for the majority of the financial losses from hacks in 2024-2025, despite having fewer incidents?

ACentralized exchanges were responsible for the majority of financial losses. Although only 20 attacks targeted CEXs, they resulted in losses of $2.55 billion, accounting for 54.6% of the total losses during that period.

QWhat key factor does the report suggest ultimately determines whether a project can survive a hack?

AThe report suggests that a project's survival is no longer determined by its ability to withstand the initial attack, but rather by its ability to withstand the subsequent six months of slow, prolonged secondary damage, including price collapse and reputational harm.

Lecturas Relacionadas

WeChat Agent Issues a 'Heroic Summons,' Half of the Internet Responds

WeChat AI Agent is on the horizon. The WeChat Open Platform has issued a guide for developers, offering them ways to integrate into the WeChat AI ecosystem. This will enable mini-programs to be discovered and invoked by the AI. Meituan has already announced its integration, allowing users to access services like food delivery through WeChat AI. Other platforms like Ctrip and Tongcheng have followed suit. Furthermore, WeChat is collaborating with major smartphone manufacturers to enable their native AI assistants to perform actions within WeChat, such as initiating calls or sending messages, through a controlled protocol called Agent-to-Agent (A2A). Reports indicate the WeChat AI Agent will be accessible by swiping right on the main interface. It aims to understand user intent within the rich context of chats, groups, and past interactions, then automatically call upon relevant mini-programs to complete tasks like ordering coffee or booking restaurants. This positions it as a potential "super app" with direct access to WeChat's vast ecosystem of services, social connections, and payment systems. Technically, this is a complex endeavor. It requires advanced natural language understanding, a "world model" to predict interactions within mini-programs (UI-Oceanus), multi-model orchestration for cost efficiency, and careful coordination with millions of third-party service providers. Tencent's development follows a "Co-Design" approach, where product teams and the Hunyuan model team collaborate closely, allowing capabilities honed in other AI products (like Yuanbao for chat, ima for search, WorkBuddy for office tasks) to be transferred to the WeChat Agent. Tencent is strategically opting for the A2A protocol over GUI-based automation (which it has blocked in the past), maintaining control over its ecosystem. To manage the immense scale and cost of serving 1.4 billion monthly active users, Tencent is deepening its ties with DeepSeek, known for its cost-effective training, to secure a low-cost inference backbone. The ultimate goal is to solve practical, everyday problems for users within the WeChat ecosystem, moving beyond technical benchmarks to deliver real utility, which Tencent sees as the key to winning in the long-term AI game.

marsbitHace 4 min(s)

WeChat Agent Issues a 'Heroic Summons,' Half of the Internet Responds

marsbitHace 4 min(s)

Strategy Erases Last Week’s Bitcoin Sale With 1,550 BTC Purchase

Strategy, a major Bitcoin treasury firm, has made a substantial purchase of 1,550 BTC for approximately $101 million. This acquisition completely offsets the company's sale of 32 BTC just one week prior, which had negatively impacted market sentiment. Following this buy, Strategy's total Bitcoin holdings have reached a new record of 845,256 BTC. The company's leadership, including Chairman Michael Saylor and CEO Phong Le, emphasized their ongoing strategy to accumulate Bitcoin over time. Concurrently, Strategy added $100 million to its USD reserve, bringing its total to $1 billion, to ensure dividend payments. The purchase was reportedly funded through sales of the company's stock. Meanwhile, U.S. Bitcoin spot ETFs experienced a fourth consecutive week of net outflows, totaling $1.72 billion last week. Bitcoin's price is currently around $63,400, reflecting a nearly 12% decline over the past seven days.

bitcoinistHace 17 min(s)

Strategy Erases Last Week’s Bitcoin Sale With 1,550 BTC Purchase

bitcoinistHace 17 min(s)

Humanity Loses $31 Million in Attack, Token Price Plummets 90% Due to a Single Private Key

On June 9th, the digital identity project Humanity Protocol suffered a major security breach resulting in over $31 million in losses. According to on-chain analyst Specter, hundreds of wallets holding the project's H token were drained. The attack was confirmed by founder Terence Kwok to be caused by the compromise of a foundation member's private key. As a precaution, users are advised to avoid interacting with Humanity's cross-chain bridge or liquidity pools. The incident caused the H token price to crash over 90%, from around $0.70 to a low of $0.052, wiping its market cap from $2 billion to approximately $35.7 million. The attacker allegedly minted 100 million new H tokens and is selling them for BNB. This breach adds to existing controversies surrounding Humanity Protocol. Founded in 2024, it aimed to verify human users via palm-print biometrics and zero-knowledge proofs. However, a leaked conversation in 2025 revealed that only about 1 million of its 9 million claimed Human IDs had completed biometric verification, suggesting 88% might be bots. Furthermore, the project has faced allegations of being a repackaged product from a Chinese access control vendor, raising privacy and authenticity concerns. Founder Terence Kwok's previous venture, Tink Labs, a hotel smartphone startup that raised $170 million, failed and entered bankruptcy in 2020 after burning through its funding. The current attack highlights the persistent critical issue of private key management in crypto. Unlike smart contract exploits, a private key compromise bypasses all on-chain security mechanisms. With no user compensation plan announced yet, this $31 million breach may be a final blow to the project's credibility, already weakened by previous controversies and a heavily depreciated token.

marsbitHace 38 min(s)

Humanity Loses $31 Million in Attack, Token Price Plummets 90% Due to a Single Private Key

marsbitHace 38 min(s)

MicroStrategy Will Not Die in This Downturn: Reflexivity, STRC Anchoring Back to Par, and the Self-Rescue Logic of "Sell Stock, Not Bitcoin"

This article analyzes the recent sharp decline in Bitcoin and MicroStrategy (MSTR), framing it as a targeted "reflexivity" attack. The trigger was MSTR using its cash reserves to buy back convertible notes, raising market concerns about a liquidity crisis. The playbook follows George Soros's principle: market expectations can shape reality. Fears that MSTR might be forced to sell BTC caused panic selling, lowering BTC's price and worsening MSTR's financial ratios, thus reinforcing the negative narrative. The author argues that MSTR's Structured Convertible (STRC), while falling in price, is a floating-rate security that will eventually return to par value (100). The price drop reflects the market demanding a higher yield due to perceived risk, but as a floating-rate instrument, its coupon can adjust, naturally pulling the price back to par over time. This is crucial for MSTR's continued ability to raise funds. The core thesis is that MSTR's best move to counter the attack is to **issue new equity (sell shares)**, not sell its Bitcoin holdings. While selling BTC would solve the immediate cash crunch, it would destroy the company's core investment thesis and premium. It would dilute the BTC per share, likely erase the market premium over its net asset value (mNAV > 1), and worsen its debt-to-asset ratio. Issuing shares while mNAV is high (e.g., 1.25x) allows MSTR to raise cash for reserves without harming shareholder value or the "perpetual accumulation" narrative. It improves the debt ratio and reassures STRC holders, breaking the negative reflexivity cycle. In conclusion, while MSTR could survive this episode even by selling BTC, doing so would fundamentally alter its investment proposition and weaken it for future cycles. The optimal, value-preserving strategy is to sell equity to rebuild reserves and maintain the long-term growth flywheel.

marsbitHace 39 min(s)

MicroStrategy Will Not Die in This Downturn: Reflexivity, STRC Anchoring Back to Par, and the Self-Rescue Logic of "Sell Stock, Not Bitcoin"

marsbitHace 39 min(s)

Humanity Loses $31 Million, a Private Key Causes Token Price to Plunge 90%

On June 9th, the digital identity project Humanity Protocol suffered a major security breach resulting in over $31 million stolen from hundreds of wallets holding its H token. The attack was caused by the compromise of a private key belonging to a foundation member, leading the team to advise users against interacting with its bridge or liquidity pools. Following the incident, the price of the H token plummeted by over 90%, from around $0.70 to a low of $0.052, wiping out a significant portion of its market capitalization. The attacker allegedly minted 100 million new H tokens and began selling them for BNB. Humanity Protocol, founded in 2024, aimed to verify human users through palm-print biometrics and zero-knowledge proofs on Polygon CDK. Despite raising $50 million across two funding rounds and achieving a unicorn valuation, the project faced prior controversies. Shortly after its June 2025 token launch, reports emerged that only about 1 million of its 9 million registered IDs had completed biometric verification, suggesting 88% might be bots. Furthermore, allegations surfaced that the project might be a rebranded "shell" of a Chinese access control company, raising concerns about data privacy and authenticity. The project's founder, Terence Kwok, has a controversial business history. His previous venture, Tink Labs, burned through $170 million in funding before collapsing in 2020. The breach highlights the persistent critical risk of private key management in crypto. With no user compensation plan detailed in the initial response, the incident deals a severe blow to trust in a project already struggling with credibility issues.

Foresight NewsHace 1 hora(s)

Humanity Loses $31 Million, a Private Key Causes Token Price to Plunge 90%

Foresight NewsHace 1 hora(s)

Trading

Spot

Futuros