Summary

In the last six months, at least $36.7 million has been stolen from protocols whose source code was never publicly verified — meaning attackers had to decompile raw bytecode to find the vulnerabilities.

The rise of AI-assisted exploit development is likely accelerating this trend, as large language models (LLMs) can now identify vulnerability patterns at scale.

This is emerging as a distinct attack pattern. Unverified contracts receive less public scrutiny and fewer community-driven bug reports, and most bug bounty programs exclude them, yet they still hold millions in user funds.

Real-time on-chain monitoring is especially critical for protocols deploying unverified contracts, since the traditional security ecosystem — white hat researchers, competitive audits, public code review — cannot function without readable source code.
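The decompilation step the attackers in these incidents had to perform starts with the deployed bytecode itself, and the same step is available to defenders who want to know what an unverified contract exposes. The following Python script is an added example, not code from the report or from any of the affected protocols: it disassembles raw EVM runtime bytecode and recovers the function selectors in the dispatcher, which a monitoring pipeline can use to flag unverified contracts that carry high-value entry points (transfer, approve, withdraw) before any source is published. The sample bytecode, the decoy constant and the small selector lookup table are constructed for the example; a production tool would fetch the code with `eth_getCode` and resolve selectors against a signature database.

```python
"""Recover the function-selector dispatch table from raw EVM runtime bytecode.

Added example, not code from the original report. The input bytecode, the
decoy constant and the selector lookup are constructed for illustration.
"""
import re

PUSH1, PUSH32 = 0x60, 0x7F   # PUSHn opcodes carry n immediate bytes
PUSH4 = 0x63
DUP1, DUP2 = 0x80, 0x81
EQ = 0x14

# Constructed lookup of a few well-known selectors (first 4 bytes of the
# keccak256 of the signature). A real tool would query a signature database.
KNOWN_SELECTORS = {
    "a9059cbb": "transfer(address,uint256)",
    "70a08231": "balanceOf(address)",
    "095ea7b3": "approve(address,uint256)",
    "23b872dd": "transferFrom(address,address,uint256)",
    "18160ddd": "totalSupply()",
}

# Constructed runtime bytecode with a Solidity-style dispatcher. Jump targets
# are placeholders; the PUSH32 holds a decoy byte sequence that looks like a
# selector comparison but is data, not code.
SAMPLE_RUNTIME = bytes.fromhex("".join([
    "6080604052",               # PUSH1 0x80 PUSH1 0x40 MSTORE
    "600436106100ff57",         # PUSH1 4 CALLDATASIZE LT PUSH2 0x00ff JUMPI
    "600035",                   # PUSH1 0 CALLDATALOAD
    "60e01c",                   # PUSH1 0xe0 SHR -> 4-byte selector on the stack
    "8063a9059cbb1461002057",   # DUP1 PUSH4 a9059cbb EQ PUSH2 0x0020 JUMPI
    "806370a082311461003057",   # DUP1 PUSH4 70a08231 EQ PUSH2 0x0030 JUMPI
    "63095ea7b3811461004057",   # PUSH4 095ea7b3 DUP2 EQ PUSH2 0x0040 JUMPI (older layout)
    "7f" + "00" * 13 + "63deadbeef14" + "00" * 13,  # PUSH32 <32-byte constant>
    "5b600080fd",               # JUMPDEST PUSH1 0 DUP1 REVERT
]))


def disassemble(code: bytes) -> list[tuple[int, int, bytes]]:
    """Return (pc, opcode, immediate) triples, consuming PUSHn immediates so
    that bytes inside push data are never mistaken for opcodes."""
    ins = []
    pc = 0
    while pc < len(code):
        op, start = code[pc], pc
        pc += 1
        imm = b""
        if PUSH1 <= op <= PUSH32:
            n = op - PUSH1 + 1
            imm = code[pc:pc + n]      # shorter than n only if the code is truncated
            pc += n
        ins.append((start, op, imm))
    return ins


def extract_selectors(code: bytes) -> list[str]:
    """Collect the 4-byte selectors the dispatcher compares calldata against.

    Solidity emits either `DUP1 PUSH4 <sel> EQ` or the older `PUSH4 <sel> DUP2 EQ`;
    in both the pushed constant is followed by EQ, optionally via one DUP.
    """
    ins = disassemble(code)
    found: list[str] = []
    for i, (_, op, imm) in enumerate(ins):
        if op != PUSH4 or len(imm) != 4:
            continue
        nxt = [o for _, o, _ in ins[i + 1:i + 3]] + [None, None]
        if nxt[0] == EQ or (nxt[0] in (DUP1, DUP2) and nxt[1] == EQ):
            sel = imm.hex()
            if sel not in found:
                found.append(sel)
    return found


def naive_selectors(code: bytes) -> list[str]:
    """Regex over the hex for `63 <4 bytes> 14` without decoding: it misses the
    older DUP2 layout and reports constants that merely sit inside push data."""
    return [m.group(1) for m in re.finditer(r"63([0-9a-f]{8})14", code.hex())]


def describe(selectors: list[str]) -> dict[str, str]:
    """Map recovered selectors to signatures where the lookup knows them."""
    return {s: KNOWN_SELECTORS.get(s, "unknown") for s in selectors}


if __name__ == "__main__":
    for sel, sig in describe(extract_selectors(SAMPLE_RUNTIME)).items():
        print(f"0x{sel}  {sig}")
    print("naive scan:", naive_selectors(SAMPLE_RUNTIME))
```

The naive regex is included as the contrast: it reports the decoy `deadbeef` and misses `approve`, while the disassembler-based walk gets all three real selectors and nothing else. The distinction matters on real bytecode, where compilers routinely emit 32-byte constants (including selectors of external contracts the code calls) that a plain hex scan would misattribute to the contract's own interface.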