Can DeFi survive an era in which an AI can find a dozen critical security bugs in a smart contract for just $1.22 in tokens?That’s how much it cost Anthropic researchers on average to run previously exploited contracts through major LLM models. They discovered that more than half of the exploits in 2025 could have been found and autonomously carried out by AI agents.AI tools are also able to quickly find security holes and weak points in infrastructure and governance too.
DeFi’s future is under a dark cloud right now, with more than a dozen platforms attacked since the start of April according to DeFiLlama, and $605 million drained.
The month began with the $285 million hack of Drift Protocol — a combination of social engineering and malware — followed in short order by Silo Finance (misconfigured oracle), Aethir (access control exploit), Rhea Finance (fake token contracts) and Volo Vault (compromised key) among other attacks.The most devastating attack came on the weekend, when a hacker drained $290 million from KelpDAO’s LayerZero-based reETH bridge. It caused ripples across the ecosystem, with more than 30 protocols pausing some functions. Aave was among the hardest hit with up to $200 million in bad debt, despite its own industry-leading security standards. The incident suggests that a DeFi platform’s integrity may only be as good as the weakest protocol it interacts with.Jefferies digital asset analyst Andrew Moss said that the KelpDAO attack threatened Wall Street’s recent embrace of the sector.“The potential loss of trust poses both near — and longer-term risks regardless of who is to blame,” analyst Andrew Moss wrote. “Although we don’t expect TradFi firms to throw in the crypto towel, the rollout or expansion of tokenization initiatives across banks, asset managers, fintechs and payments may decelerate temporarily.”Unfortunately, it doesn’t look like the threat will abate any time soon. Polymarket is currently pricing in the chance of another $100 million crypto hack this year at 76%.
