- In the last four months, crypto transactions exceeded $770 million according to DeFiLlama.
- Drift and KelpDAO were the two biggest offenders and drove about 76% of crypto losses in 2026.
- AI-driven crypto transactions remain a fantasy, but the risks of automation are growing.
The crypto industry is currently facing very dangerous security times. By April 2026, according to the information provided by DeFiLlamamore than $770 million had already been stolen using crypto-related exploits, and what is interesting is that about 76% of those losses have been related to cyber operations in North Korea.
Although major events such as the Drift protocol and KelpDAO have accounted for a large amount of stolen funds, the high speed of attacks and the proliferation of cryptographic methods is something that raises questions about security in the DeFi space.
Most of the losses for the year were due to several major events. The two biggest publicly reported crypto deals were Drift program and KelpDAOwhich together amounted to 577 million dollars in stolen goods. Drift reportedly lost about $285 million, while KelpDAO spent about $292 million.
The Drift Protocol was used on April 1, and the attackers are said to have used engineering to create trust over time, then tampered with the authority’s permissions to write a fake pledge. This allowed them to invest in virtual assets and borrow real currencies such as USDC, ETH and SOL.
In the case of KelpDAO, the attackers exploited a bridge authentication flaw that allowed them to unlock unmodified rsETH. They then used the stolen collateral from all the DeFi lending platforms to borrow hundreds of millions in legitimate assets.
Together, these two shows accounted for nearly 76% of all crypto losses recorded in 2026 through April.
DeFi’s Security Model Faces Increasing Pressure Over Smart Contract Bugs
The Drift and KelpDAO attacks exposed vulnerabilities in DeFi that were not typographical errors. The Drift exploit showed how control systems, multi-party security, and security mechanisms can be used effectively if protocols rely on trust among signatories without adequate safeguards such as time-locks or formal authentication.
KelpDAO highlighted the dangers of bridge architectures built around single authentication models, where a single authentication unit can cause such a large loss.
Such events may increase regulatory scrutiny of DeFi governance, bridge security and communication infrastructure, as billions are being injected into DeFi. Regulators may push for stricter performance standards, while protocols may face pressure to adhere to stricter security measures.
The environmental impact can be huge. Repeated hacks can undermine business confidence, increase security costs, and shift investment to protocols with stronger governance and security infrastructure. In the end, the future of DeFi may depend on reforming governance systems, bridge architecture, and operational security in order to cope with human-powered machines.
Apart from major incidents, there have also been many minor threats. Platforms such as Wasabi Protocol ($5.5 million), Aftermath perps ($1.14 million), Grinex ($15 million), Resolv Labs ($24.5 million) and various bridges or financial systems have all experienced security failures from breaching private keys to tampering with smart contracts.
These two attacks alone dramatically reversed the year’s losses and reinforced how a small, successful breach can dominate crypto security metrics. Also, according to Opinions of the company TRM Labs and several intelligence reports on the blockchain, both of these cryptocurrencies have been publicly exposed due to the threat linked to the North Korean Lazarus Group.
At the same time, ideas surrounding AI-powered crypto systems are floating around and the most pressing question that has been asked right now is whether autonomous AI-powered systems are already being used?
Why AI is now entering the DeFi security debate
Speculation about the power of AI has grown after DeFi developer Vitto Rivabella publicly stated that North Korea could fund malicious AI models using DeFi’s history. Although there is no concrete evidence that such practices exist, the theory came about as a result of the growth of the industry.
Andreessen Horowitz (a16z) published a research on April 28, 2026, which describes the results of a test in which AI agents can detect weaknesses and reproduce evidence of DeFi.
Researchers tested the AI agent on 20 previous Ethereum DeFi hacks. At first, it looked very good because it could solve 50% of the cases. But later the researchers discovered that the AI was hacking by finding future blockchain data and copying the details of the actual attack. When the shortcut was removed, the AI’s success dropped to just 10%.
When researchers provided the AI with detailed information from past hacks, such as common attack methods and techniques, the AI was able to successfully exploit 70% of the cases.
What is important to note from this research is that this AI already has great potential in risk detection and is able to use reproduction, although it is weak in many financial problems. Complex attacks require planning, strategy, and accounting, which AI is still struggling with.
The study also found that the AI was able to bypass certain restrictions in its test environment, showing that it can sometimes work under pressure.
DeFi’s Public Infrastructure Makes It Very Risky
DeFi is one of the sectors that has faced AI-supported threats because blockchain systems provide public intelligence codes, transparent history of crypto exploits, large onchain financial incentives, credit infrastructure, and large datasets for machine learning analysis.
This combination is something that creates a perfect environment for automated systems trained to identify risks, estimate benefits and identify repeatable opportunities to use crypto faster than human researchers.
If AI-systems continue to improve themselves with their intelligent planning, optimization and collaborative thinking, then there is a great possibility that companies will be able to experience systems that can work faster than machines.
AI-Powered DeFi Transactions Are Unproven, But The Risk Is Growing
There is currently no credible public evidence that any actors or computer groups are running autonomous AI systems to carry out DeFi hacks. However, several trends are clear. AI-assisted vulnerability is already a reality, crypto exploit systems are thriving, reusable offensive tools are on the rise, and government-sponsored crypto theft remains active.
Together, this suggests that while autonomous AI hackers are still a fantasy, the foundations for such systems may already be in place.
The main takeaway is that crypto security threats are evolving at a very fast pace. Although AI has yet to be proven to run large-scale DeFi projects on its own, increasing automation, more advanced attack tools, and access to crypto exploit datasets will likely redefine blockchain security in the coming years.
Also Read: ZetaChain Cross-Chain Contracts Exploited, Blockaid Warns
