One Billion Dollars Hacked From DeFi in a Year — AI Agents Are Making It Worse

The decentralised finance sector has now lost more than $1 billion to exploits in the past twelve months, with the pace of attacks accelerating sharply through 2026. April alone produced a record 28–30 incidents and roughly $606 million in stolen funds — and cybersecurity researchers say the inflection point is artificial intelligence.

The two largest individual heists of the year both occurred in April. On April 1, attackers drained approximately $285 million from Drift Protocol on Solana after a six-month social engineering campaign in which they posed as a quantitative trading firm to gain administrative access. On April 18, a separate group exploited a single-verifier flaw in Kelp DAO’s cross-chain bridge and extracted roughly $292 million in wrapped ether.

The AI angle

TRM Labs investigator Nick Carlsen, a former FBI analyst, told Bloomberg that the sophistication of the April heists makes it highly likely the attackers used AI to identify targets and design exploits. North Korea-linked groups are now estimated to be responsible for 76% of all crypto hack losses in 2026, up from below 10% in 2020.

Anthropic’s own December 2025 research showed that more than half of blockchain exploits carried out that year could have been performed autonomously by AI agents. The average cost of scanning a smart contract for vulnerabilities has fallen to approximately $1.22, while attacker breakeven on a fresh exploit now sits near just $6,000 in target value. The 10-to-1 economic asymmetry baked into the technology favours offence.

Systemic risk emerges

The Kelp DAO hack triggered a separate $9 billion outflow from Aave in just two days as depositors lost confidence in the collateral backing the lending market. Total value locked across DeFi lending dropped by more than $13 billion in 48 hours and Aave itself ultimately required a rescue. That cascade — a single exploit propagating through a $130 billion ecosystem of composable protocols — is the structural vulnerability AI is now exposing at industrial scale.

Where defence stands

The defensive side is not keeping pace. Pre-execution transaction evaluation tools, formal verification, multi-signature thresholds, and active bug bounties remain the recommended baseline, but the operational tempo of attacks has compressed from months down to hours. As an a16z research team recently demonstrated, an AI trained on prior DeFi hacks “always found the vulnerability” in a target protocol — even if it could not yet fully autonomously profit from it.

Sources: The Next Web, TRM Labs, Chainalysis, Anthropic, Halborn.

CryptoGazette Newsroom