DeFi Exploit and Hack Tax Statistics for 2026

As blockchain-based financial systems continue to mature, the intersection of crypto security failures and tax law has become one of the most consequential policy areas in digital asset compliance. In 2025 alone, stolen cryptocurrency totaled $3.4 billion according to Chainalysis, with a single event – the Bybit exchange breach – accounting for nearly $1.5 billion. For victims, the financial devastation is compounded by significant uncertainty: whether losses from DeFi exploits, protocol hacks, or custodial failures qualify for any form of tax relief under United States and international law remains a contested and rapidly shifting question.

In March 2025, the IRS Office of Chief Counsel issued guidance memorandum CCA 202511015 clarifying when crypto theft losses qualify for deduction under IRC §165. Shortly thereafter, the One Big Beautiful Bill Act signed into law on July 4, 2025, permanently modified personal casualty and theft loss rules, reshaping the tax landscape for DeFi exploit victims for years to come.

At KoinX, we help investors and tax professionals navigate these complex intersections of on-chain security events and tax reporting obligations, and the data compiled below reflects exactly why precise documentation and a clear understanding of the applicable statutory framework have become essential for anyone holding digital assets.

This article compiles verified statistics on DeFi exploit losses, IRS and regulatory guidance on deductibility, enforcement posture, and on-chain insurance coverage drawn from government agencies, blockchain analytics firms, academic institutions, and primary regulatory filings. All figures are sourced directly from the originating organization and carry their original publication year.

Scope and Methodology

This article draws exclusively on primary-source data published within the last two years (2024 and 2025), with original study years retained for each statistic. Sources were evaluated against a strict primary source test: only organizations that produced the underlying data themselves were eligible for inclusion. This includes government agencies and tax authorities (IRS, FBI, DOJ, Treasury), blockchain analytics and forensics firms publishing original on-chain research (Chainalysis, TRM Labs, Immunefi, Halborn), and regulatory bodies publishing official guidance or filings.

Geographic scope for this article is primarily United States, with relevant blockchain analytics data sourced globally. Multi-jurisdictional loss figures are drawn from Chainalysis and TRM Labs reports, which track on-chain activity across blockchains and geographies without restricting to a single national context.

Statistical integrity was maintained by confining each bullet to a single metric from a single source. No statistics were synthesized, combined, or inferred across sources. All figures include at least one explicit numerical value, and word-form numbers were converted to digit form throughout. The article acknowledges material data limitations: blockchain theft figures are lower-bound estimates that are revised upward as illicit addresses are identified over time, and DeFi insurance market data remains fragmented across decentralized protocols without standardized disclosure.

DeFi and Crypto Hack Losses at a Glance: 2026 Statistics

• $3.4 billion in total cryptocurrency losses was recorded across 2025, the highest annual figure since the 2022 peak of $3.8 billion, based on a 2025 report by Chainalysis.
• 83.9% of 82 hacked tokens tracked between 2021 and 2025 remained below their pre-hack price after 6 months, with a median price decline of 61%, based on a 2026 report by Immunefi.
• The 5 largest exploits in 2024 and 2025 accounted for 62% of all funds stolen across the 2-year period, based on a 2026 report by Immunefi.
• Ransomware payments reached a record-high single payment of $75 million made to the Dark Angels group in March 2024, with 5,635 publicly reported attacks surpassing the 5,223 recorded in 2023, based on a 2025 Crypto Crime Report by TRM Labs.
• Personal wallet compromises grew from 7.3% of total stolen cryptocurrency value in 2022 to 44% in 2024, with 158,000 total theft incidents recorded in 2025 – nearly triple the 54,000 recorded in 2022, based on a 2025 report by Chainalysis.
• Only 19% of hacked DeFi protocols among the top 100 used multi-sig wallets, and only 2.4% employed cold storage at the time of their breach, based on a 2025 Top 100 DeFi Hacks report by Halborn.
• Total illicit cryptocurrency transaction volume reached $154 billion in 2025, a 162% increase from the revised $57.2 billion recorded in 2024, based on a 2026 Crypto Crime Report by Chainalysis.
• The IRS Ponzi scheme safe harbor under Rev. Proc. 2009-20 allows qualifying taxpayers to deduct up to 75% of a qualified investment in a fraudulent investment arrangement meeting specific statutory criteria, including a formal criminal charge or indictment, based on a 2025 guidance document by the IRS National Taxpayer Advocate.

DeFi Protocol and Exchange Exploit Loss Statistics

• $4.67 billion was lost across 191 publicly disclosed hack incidents in 2024 and 2025 combined, at a rate of approximately 94 incidents in 2024 and 97 in 2025, based on a 2026 State of Onchain Security report by Immunefi.
• 20 centralized exchange hacks in 2024 and 2025 accounted for approximately $2.55 billion, or 55% of total losses from 191 incidents, despite representing fewer than 11% of total incident count, based on a 2026 report by Immunefi.
• The average loss per hack across 425 publicly known incidents from 2021 through 2025 was approximately $25 million, based on a 2026 report by Immunefi.
• The median hack loss shrank to approximately $2.2 million in 2024 and 2025 from approximately $4.5 million in the prior period, suggesting incremental security improvements in limiting routine exploits, based on a 2026 report by Immunefi.
• Faulty input verification and validation was the primary cause of smart contract exploit hacks in 2020, 2021, 2022, and 2024, accounting for 34.6% of cases among the top 100 DeFi hacks, based on a 2025 Top 100 DeFi Hacks report by Halborn.
• Flash loan attacks surged in 2024, making up 83.3% of eligible exploit incidents that year, based on a 2025 Top 100 DeFi Hacks report by Halborn.
• DeFi total value locked (TVL) recovered to approximately $119 billion by 2025, more than doubling from lows below $40 billion in 2023, yet DeFi-specific hack losses remained suppressed relative to historical norms during the same period, based on a 2025 report by Chainalysis.
• Crypto hack losses in 2023 totaled approximately $1.7 billion, representing a 54% decline from the 2022 peak of $3.8 billion, before rising again to approximately $2.2 billion in 2024, based on a 2025 report by Chainalysis.
• Over 54% of off-chain attacks tracked in the top 100 DeFi hack dataset lack clearly disclosed attack vectors or origins, based on a 2025 Top 100 DeFi Hacks report by Halborn.
• The top 10 hacking incidents in 2024 and 2025 accounted for 73% of all funds stolen across 191 incidents, based on a 2026 State of Onchain Security report by Immunefi.
• Off-chain attacks accounted for 80.5% of stolen DeFi funds in 2024, with compromised accounts making up 55.6% of all incidents that year, based on a 2025 Top 100 DeFi Hacks report by Halborn.

IRS Tax Treatment and Deductibility Statistics for Crypto Hack Losses

• CCA 202511015 analyzed 5 distinct taxpayer fact patterns – including compromised account scams, phishing, pig butchering, romance scams, and kidnapping scams – and found that 3 of the 5 qualified for deduction under IRC §165(c)(2) based on presence of a profit motive, based on a 2025 IRS Office of Chief Counsel memorandum.
• The One Big Beautiful Bill Act, signed July 4, 2025 as Public Law 119-21, permanently limited personal casualty loss deductions to federally or state-declared disasters; this eliminated a deduction pathway previously available to an estimated 80,000+ individual crypto theft victims recorded in 2025 alone, based on a 2025 IRS provision summary.
• Theft loss deductions qualifying under IRC §165(c)(2) are limited to the taxpayer’s cost basis in the stolen assets; across the 3 eligible fact patterns in CCA 202511015, the deductible amount in each case was capped at the taxpayer’s basis in the IRA and non-IRA funds stolen, with $0 additional deduction permitted beyond that basis, based on a 2025 IRS Office of Chief Counsel memorandum.

North Korean and State-Linked Hack Enforcement Statistics

• The FBI and the Department of Defense Cyber Crime Center formally attributed the theft of $308 million from DMM Bitcoin in May 2024 to North Korean state cyber actors tracked as TraderTraitor, based on a 2024 public statement by the FBI.
• The governments of Japan, South Korea, and the United States jointly attributed more than $659 million in 2024 cryptocurrency thefts to North Korean state-linked hackers through trilateral public statements, based on a 2024 FBI press release.
• North Korea-affiliated hackers stole $1.34 billion across 47 incidents in 2024, a 102.88% increase in value stolen from the $660.50 million across 20 incidents recorded in 2023, based on a 2025 report by Chainalysis.
• North Korean state-linked hackers stole at least $2.02 billion in cryptocurrency during 2025, a 51% year-over-year increase, pushing their cumulative lower-bound total to $6.75 billion since 2017, based on a 2025 report by Chainalysis.
• The DOJ filed a civil forfeiture complaint in July 2025 seeking $7.74 million in cryptocurrency laundered on behalf of the North Korean government by IT workers embedded in US companies, based on a 2025 DOJ press release.
• 4 North Korean nationals were indicted in the Northern District of Georgia in 2025 for stealing nearly $1 million in cryptocurrency through fraudulent IT contractor schemes targeting US blockchain firms, based on a 2025 DOJ press release.
• DPRK attacks accounted for a record 76% of all service-level cryptocurrency compromises in 2025, based on a 2025 report by Chainalysis.
• TRM Labs estimated that North Korean hackers stole approximately $1.6 billion across 75 incidents in H1 2025 alone, accounting for approximately 70% of global crypto crime by value during that period, based on a 2025 mid-year report by TRM Labs.

Illicit Volume and AML Statistics

• Stablecoins accounted for 84% of all illicit cryptocurrency transaction volume in 2025, up from 63% in 2024, based on a 2026 Crypto Crime Report by Chainalysis.
• Illicit cryptocurrency volume fell to $45 billion in 2024, representing 0.4% of total crypto transaction volume of $10.6 trillion, a 24% decline from the prior year, based on a 2025 Crypto Crime Report by TRM Labs.
• Sanctioned entities accounted for 33% of all illicit crypto volume in 2024, followed by blocklisted addresses at 29% and scams and fraud at 24%, based on a 2025 Crypto Crime Report by TRM Labs.
• Illicit entity balances held in Bitcoin, Ether, and stablecoins reached nearly $15 billion as of July 2025, representing a 359% increase from balances observed in 2020, based on a 2025 report by Chainalysis.
• Nearly 95% of stablecoin balances held by illicit entities were drained within 90 days of the last inflow, with only 29.5% of wallets maintaining any stablecoin balance after 1 year, based on a 2025 analysis by Chainalysis.

On-Chain Insurance Coverage Statistics

• Nexus Mutual paid out over $2.5 million in claims following the December 2021 BadgerDAO $120 million exploit, based on a 2025 platform overview by OpenCover.
• Nexus Mutual’s capital pool held over $100 million according to CoinGecko data referenced in a 2025 governance proposal (NMPIP-262), based on a 2025 platform disclosure by Nexus Mutual.
• DeFi insurance coverage premiums typically range from 2% to 10% annually depending on protocol risk and coverage duration, based on a 2025 platform overview by OpenCover.
• Smart contract failure insurance was adopted by only 18% of exchanges using DeFi protocols as of 2025, while business interruption insurance had grown to cover 22% of insured exchanges, based on a 2025 market analysis by Coinlaw.
• Ransomware insurance covering extortion payments became standard in 45% of exchange insurance policies by 2025, based on a 2025 market analysis by Coinlaw.

References

• https://www.chainalysis.com/blog/crypto-hacking-stolen-funds-2026/
• https://immunefi.com/research/
• https://www.trmlabs.com/reports-and-whitepapers/2025-crypto-crime-report
• https://www.halborn.com/reports/top-100-defi-hacks-2025
• https://www.chainalysis.com/blog/2026-crypto-crime-report-introduction/
• https://www.taxpayeradvocate.irs.gov/news/nta-blog/irs-chief-counsel-advice-on-theft-loss-deductions-for-scam-victims/2025/04/
• https://www.irs.gov/pub/irs-wd/202511015.pdf
• https://www.irs.gov/newsroom/one-big-beautiful-bill-provisions
• https://www.fbi.gov/news/press-releases/fbi-dc3-and-npa-identification-of-north-korean-cyber-actors-tracked-as-tradertraitor-responsible-for-theft-of-308-million-from-bitcoindmmcom
• https://www.justice.gov/opa/pr/department-files-civil-forfeiture-complaint-against-over-774m-laundered-behalf-north-korean
• https://www.justice.gov/usao-ndga/pr/four-north-koreans-charged-nearly-1-million-cryptocurrency-theft-scheme
• https://www.chainalysis.com/blog/landscape-of-seizable-crypto-assets-2025/
• https://opencover.com/learn-and-resources/defi-insurance-protecting-your-crypto/
• https://nexusmutual.io/
• https://coinlaw.io/crypto-insurance-coverage-for-exchange-hacks-statistics/