Cyberattacks in the cryptocurrency sector have climbed to an all-time high, with artificial intelligence accelerating both the speed and sophistication of recent exploits, according to Ryan Sean Adams, co-founder of Bankless, on April 19. Adams said automation is boosting offensive capabilities faster than defenses are improving, urging rapid upgrades to security practices across the industry.
Major defi protocols report nine-figure losses
One of the latest high-impact incidents involves Kelp DAO, a decentralized finance project that reported roughly 292 million dollars in losses tied to rsETH cross-chain activity. Kelp DAO has suspended operations on its main network and multiple Layer 2 environments while it works with partners such as LayerZero, Unichain, and independent security researchers to identify the root cause.
Other recent attacks have followed a similar pattern of large, sudden losses:
- Drift Protocol suffered a 285 million dollar exploit despite having passed two independent audits shortly before the breach.
- Resolv Labs reported about 25 million dollars in losses after attackers exploited a weakness in its cloud key management service, rather than in its on-chain code.
- Rhea Finance lost 18.4 million dollars when assailants targeted a subtle flaw in its slippage protection mechanism, pointing to growing expertise in exploiting complex economic design rather than straightforward coding bugs.
Altogether, Web3 projects lost roughly 464.5 million dollars to hacks and scams in the first quarter of 2026 alone. A single hardware wallet phishing campaign in January accounted for 282 million dollars of that sum, highlighting how human-focused attacks now rival code exploits in financial impact.
AI speeds up code scanning and exploit design
Security specialists say AI-powered tools can scan smart contracts and protocol code at a scale and speed far beyond human auditors. That allows attackers to:
- identify vulnerabilities across many projects at once
- shorten the time between discovering a weakness and launching an exploit
- expand the number of potential targets across chains and protocols
AI systems are also being used to craft complex, hard-to-detect transaction sequences designed to slip past conventional pattern-recognition and anomaly-detection tools. These capabilities are particularly dangerous when applied to newer components such as cross-chain bridges, multi-layer integrations, and advanced liquidity mechanisms.
Expanding defi infrastructure broadens attack surfaces
Analysts stress that AI is only one driver of the surge in attacks. The rapid build-out of decentralized finance platforms, Layer 2 networks, and cross-chain infrastructure has expanded the number of critical systems that can fail.
The latest wave of incidents shows the risk has moved far beyond individual smart contracts:
- The Resolv Labs breach originated in an off-chain cloud key management service, demonstrating how infrastructure providers can create single points of failure.
- Drift Protocol’s losses, despite recent audits, underline the limits of traditional code reviews in keeping up with evolving attack techniques.
- The Kelp DAO exploit targeted the reserve backing a wrapped token used across more than 20 blockchain networks. Once the reserve was drained, the value of that asset was threatened across all connected chains, illustrating how one compromised bridge can trigger rapid contagion through supposedly separate environments.
These cases indicate that protocol-level security alone is no longer enough. Off-chain services, bridges, oracles, and administrative key systems now present equally critical risks.
Market sentiment turns sharply negative
The accumulation of high-profile breaches has spilled over into market psychology. Following the incident involving Adams’s ecosystem, the Crypto Fear & Greed Index dropped to 27, a level associated with broad fear among market participants.
The Rhea Finance exploit, which hinged on a narrow weakness in its slippage protection, added to concerns that attackers are conducting deep research into economic mechanisms and protocol design, rather than simply scanning for obvious bugs. This has reinforced a view that many existing defenses are misaligned with the sophistication of current threats.
Defensive tools race to keep pace with attackers
In response, new defensive strategies are focusing on speed and automation:
- AI-driven real-time monitoring to flag suspicious activity across chains
- formal, mathematical verification of core protocol logic
- coordinated response frameworks across security teams, infrastructure providers, and protocol developers
Researchers note that machine learning is now central on both sides of the cybersecurity race: it enhances offensive capabilities while also forming the basis of automated defense systems. The continued rise in both the frequency and variety of attacks suggests a tightening contest between adaptation and prevention across the blockchain ecosystem.
Heightened need for deeper risk assessment
The recent incidents are challenging traditional assumptions about what constitutes adequate security. Completed audits and published security reports, once seen as strong assurances, are proving insufficient in the current environment.
Analysts say participants now need to evaluate:
- direct smart contract risk
- the resilience of cross-chain bridges and messaging layers
- oracle design and governance
- the robustness of cloud and key management services
- the ability of a protocol to respond quickly and coordinate across partners when an incident occurs
With AI accelerating the pace of discovery and exploitation, and with infrastructure complexity continuing to rise, the sector faces mounting pressure to strengthen its defenses before the next wave of attacks materializes.
Want practical protection tips against these AI-driven attacks? Learn how to secure your crypto accounts effectively today.
Disclaimer: The content on this page is provided for general informational purposes only and does not represent the views or financial advice of Toobit. We make no guarantees regarding the accuracy or completeness of this information and shall not be held liable for any errors, omissions, or outcomes resulting from its use. Investing in digital assets involves risk; users should independently evaluate their financial situation and the risks involved. For further details, please consult our Terms of Service and Risk Disclosure.
