Crypto Audits Rise But Losses Persist Due to Human Vector Attacks, Says Oak Security
Despite a tripling of code audits since 2022, the crypto industry continues to suffer significant losses, with over $2.2 billion stolen by malicious actors, including North Korea's Lazarus Group. Research by Oak Security reveals that the majority of successful attacks target human vectors such as compromised private keys, governance manipulation, insider compromise, and operational failures, all of which lie outside the attack surface a code audit examines. This mismatch between what audits cover and how funds are actually stolen means that code quality has improved while financial losses remain high. The article argues that audits alone create a dangerous illusion of safety: an audit is a point-in-time evaluation of a specific codebase and says nothing about how keys are held, how governance decisions are approved, or how the system is operated afterwards. To address this, the industry must adopt a defense-in-depth approach that combines strong code review with hardened operational security, key management, governance constraints, and real-time monitoring. The author emphasizes that crypto projects are living organizations with human attack surfaces, and that security practice must evolve to match the sophistication of attackers.
Key facts
- Malicious actors stole over $2.2 billion since 2022, with Lazarus Group prominent.
- Audit numbers tripled but losses did not decrease significantly.
- Major exploits bypass code audits, targeting human and operational vectors.
- Attacks on private keys, governance, and infrastructure cause greatest losses.
- Industry needs defense-in-depth beyond audits, including key management and monitoring.
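The controls the summary asks for (key management that no single key can defeat, governance constraints such as a timelock, and monitoring that flags violations) can be modelled concretely. The block below is an added illustration written for this page; it is not code from Oak Security or from the article. The signer names, threshold, timelock length, per-transaction limit and the three proposals are all constructed for the example, and the scenario treats key `k1` as stolen by an attacker.

```python
"""Illustrative model of layered operational controls for a crypto treasury.

Added example for this page, not Oak Security's code. Everything here is an
assumption: five authorised keys, a 3-of-5 threshold, a 24h timelock on
privileged actions, a per-transaction limit, and a monitor that reports
which rule a proposal breaks. Scenario: key "k1" has been compromised.
"""
from dataclasses import dataclass, field
from typing import FrozenSet, List, Set

# Constructed operational key set (assumption).
SIGNERS: FrozenSet[str] = frozenset({"k1", "k2", "k3", "k4", "k5"})


@dataclass
class Proposal:
    action: str
    amount: int                 # treasury base units (assumed)
    created_at: int             # unix time the proposal was queued (assumed)
    signers: Set[str] = field(default_factory=set)


@dataclass(frozen=True)
class TreasuryPolicy:
    authorized: FrozenSet[str]
    threshold: int              # M-of-N approvals required
    timelock: int               # seconds a proposal must wait before execution
    per_tx_limit: int           # largest amount one execution may move

    def violations(self, p: Proposal, now: int) -> List[str]:
        """Return every rule the proposal breaks; an empty list means allowed."""
        found: List[str] = []
        if p.signers - self.authorized:
            found.append("unauthorized signer")
        valid = p.signers & self.authorized
        if len(valid) < self.threshold:
            found.append(f"approvals {len(valid)} < threshold {self.threshold}")
        if now - p.created_at < self.timelock:
            found.append("timelock not elapsed")
        if p.amount > self.per_tx_limit:
            found.append("amount exceeds per-transaction limit")
        return found


def monitor(policy: TreasuryPolicy, proposals: List[Proposal], now: int) -> List[dict]:
    """Evaluate queued proposals the way a real-time monitor would: one
    record each, with a blocked flag and the reasons an operator should see."""
    return [
        {"action": p.action, "blocked": bool(v), "reasons": v}
        for p in proposals
        for v in [policy.violations(p, now)]
    ]


POLICY = TreasuryPolicy(
    authorized=SIGNERS, threshold=3, timelock=24 * 3600, per_tx_limit=1_000_000
)


def scenarios(now: int = 1_700_000_000) -> List[dict]:
    """Three constructed proposals run through the policy (assumed data)."""
    # Attacker holding only the stolen key tries to drain the treasury at once.
    sweep = Proposal("sweep_treasury", amount=50_000_000, created_at=now,
                     signers={"k1"})
    # Legitimate payout: three honest keys, queued two days ago, within limit.
    payout = Proposal("vendor_payout", amount=250_000,
                      created_at=now - 2 * 24 * 3600, signers={"k2", "k3", "k5"})
    # Enough approvals, but pushed through before the timelock has elapsed.
    rushed = Proposal("emergency_upgrade", amount=0, created_at=now - 3600,
                      signers={"k1", "k2", "k4"})
    return monitor(POLICY, [sweep, payout, rushed], now)


if __name__ == "__main__":
    for record in scenarios():
        state = "BLOCKED" if record["blocked"] else "allowed"
        print(f"{record['action']:<18} {state:<8} {'; '.join(record['reasons'])}")
```

The point of the three checks is that they fail independently: even if the attacker later obtains a second and third key, the timelock still gives the monitor a window in which to raise the alert, and the per-transaction limit caps what a single successful execution can move. None of this is visible to a code audit, which is why the article argues these layers must exist alongside it.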