Latest

DeFi Hack Losses to Decline by 2026, Says Dragonfly Partner

DeFi hack losses expected to decline in 2026 despite AI fears, says Dragonfly partner

DeFi hack losses may fall in 2026, according to Dragonfly managing partner Haseeb Qureshi. Odd claim? Maybe. After all the panic around AI-assisted attacks, it sounds backwards at first. But his argument is simple enough: the biggest DeFi protocols have become harder targets. My take: if he is right, investors may start treating some of DeFi as less radioactive than it looked after the worst exploit years.

DeFi Hack Losses to Decline by 2026, Says Dragonfly Partner

Qureshi’s view pushes against the usual crypto-security panic loop. Most guides imply AI will make theft suddenly easy. That is only half right. Hacks are still happening, and the number of incidents hitting DeFi protocols has gone up. The average loss per hack, though, has been falling. That matters because it points to attackers spending more time on smaller, weaker, or barely alive protocols instead of the major platforms where most user funds sit. The target map changed.

He also pointed to lower losses from compromised admin keys and multisignature wallets. I would not chalk that up to luck. Large protocols have spent real money on audits and monitoring. They have tightened access controls. They have also done the dull operational work that helps prevent nine-figure disasters. It works. No, that does not make DeFi safe. It does mean serious teams are no longer treating security like a launch-week checkbox.

AI-driven hacking has been one of the louder fears in crypto. The worry is not silly: automated vulnerability hunting, faster phishing, adaptive attacks, machine-speed probing. Still, Qureshi said those fears have not become a major crisis yet. Why does this matter? Because the absence of a catastrophic AI-driven DeFi hack in 2025 supports the less dramatic read. Current AI models may help attackers, but they do not seem to be reliably cracking top DeFi protocols at scale. Security teams are using automation too, including anomaly detection and faster patching. So yes, it is an arms race. Just not the doomsday version.

For crypto investors, the money angle is hard to miss. If hacks become less financially destructive, DeFi looks less dangerous. I will be honest: that does not make institutions fearless. Maybe not pension-fund-by-breakfast willing, but less allergic. More capital could mean deeper liquidity and stronger valuations for established tokens such as ETH, which still underpins a large share of DeFi activity. Fewer major exploits could also ease some regulatory pressure, since huge losses give regulators an easy headline.

The drop in average loss per hack is a good sign, but it is not a permission slip to get careless. Counter to the usual advice, “use audited protocols” is not enough by itself. The better read is narrower: the biggest pools of value are better protected than they used to be. For users, the lesson is painfully familiar: stick with established, audited protocols. Be careful with anonymous teams promising absurd yields. The market keeps teaching this lesson, and people keep paying tuition. Smaller and riskier protocols appear to be taking more of the hits, while better defended platforms are getting through with less damage.

What this means

This points to a more mature phase for DeFi. Not polished. Not safe. Just less fragile than before. If financial losses keep shrinking even as incident counts rise, investors may start separating serious protocols from the rest of the pile. My read is blunt: a flight to quality would make sense here. That could lower the risk premium on DeFi investments and send more money toward audited names with a real track record.

Investors should watch what major protocols actually spend on security, not just what they claim in governance posts. Audit reports matter. Bug bounties matter. Incident response records matter too. So do multisig practices and whether a team fixes known issues before Twitter finds them. Is this overkill? For DeFi, no. If average hack losses keep falling through 2026, traditional finance risk desks may need to update their models. That could help blue-chip DeFi tokens such as UNI, AAVE, and LINK. Security firm reports are worth reading each quarter, along with any change in how regulators talk about DeFi after a quieter stretch.

FAQ

Q1: What is the main prediction for DeFi hack losses in 2026?

A1: Dragonfly managing partner Haseeb Qureshi expects DeFi hack losses to decline in 2026.

Q2: Why does that prediction sound counterintuitive?

A2: It goes against the common fear that AI-assisted attacks will make crypto theft worse.

Q3: What has happened to hack counts compared with financial losses per incident?

A3: Hack counts have increased, but the average financial loss per incident has been falling.

Q4: What do lower losses from compromised admin keys and multisignature wallets suggest?

A4: They suggest better operational security, especially at larger DeFi protocols.

Q5: Had AI-driven hacks become a major crisis by 2025?

A5: According to Qureshi, no. AI fears had not become a major crisis, and no catastrophic AI-driven DeFi hack occurred in 2025.

Q6: What could declining hack losses mean for crypto investors?

A6: Lower losses could make DeFi look less risky, which may draw more institutional capital and improve liquidity and valuations.

Q7: What does the falling average loss per hack say about DeFi’s health?

A7: It suggests the most valuable assets are getting better protection and that stronger security practices are becoming more common among serious projects.

Q8: What should investors check when judging a project’s security?

A8: Investors should look at security spending, audit reports, bug bounty programs, and how the team handles incidents.

Q9: How might a safer DeFi market affect regulatory pressure?

A9: Fewer large hacks could reduce some regulatory pressure by giving officials fewer headline disasters to point to.

Q10: Which protocols are taking the most damage?

A10: Smaller, riskier, unaudited, anonymous, or inactive protocols appear to be taking more of the damage, while stronger platforms have been hit less severely.