HomeEverythingEducation
Equities & FundsCrypto & Digital AssetsAI & TechnologyBusiness & CorporateUS Politics & PolicyGeopolitics & Global RiskMacro, Rates & FXCommodities & EnergyEuropean Politics & MarketsAsia-PacificReal Estate & Property
Story archiveAll categories
← All Stories

AI accelerates crypto audit risks, researchers warn

Created at 9 Jul · 5:55 AM1 source↑ Market-relevant
IN SHORT

Blockchain security experts are urging crypto protocols to reaudit smart contracts, as AI tools enable hackers to find vulnerabilities faster. Hackers are also exploiting codebases of defunct DeFi protocols, leading to significant losses.

✉Newsletter

PiQ Daily

Pick your topics. Get only what matters, on your cadence.

Key Numbers

$1.32 billioncrypto stolen in H1 2026
$4.6 millionexploitable vulnerabilities found by AI agents
$72.3 billioncrypto locked in DeFi protocols
$2.1 millionstolen from Aztec Connect
$300,000stolen from mySwap
1,003 Etherrecovered from Hong Coin ICO
$1.72 millionvalue of recovered Ether
4 yearsduration Zcash vulnerability existed

Who's Involved

Ari Redbord
TRM Labs head of policy
CertiK
Blockchain security firm reporting on hacks
Taylor Hornby
Shielded Labs security engineer
Anthropic
AI company whose Claude Opus 4.8 powered an auditing agent
SlowMist
Provided estimate of total crypto losses from hacks
Aztec Connect
Defunct DeFi protocol exploited for $2.1 million
mySwap
Decentralized exchange with exploited smart contract
0xflorent
White hat who recovered funds from Hong Coin ICO

↳ Why This Matters

The increasing sophistication of AI-powered hacking tools is outpacing traditional security audits, creating significant risks for the vast sums of money locked in DeFi protocols and necessitating a shift towards continuous security reviews.

Key facts

  • Blockchain security experts recommend continuous smart contract reauditing due to AI-driven vulnerability discovery.
  • Hackers are increasingly exploiting codebases of defunct DeFi protocols, leading to substantial financial losses.
  • In the first half of 2026, hackers stole $1.32 billion, employing advanced methods aided by AI tooling.
  • A significant vulnerability in Zcash's Orchard shielded pool was identified by an AI auditing agent.
  • Over $72.3 billion in crypto is locked across DeFi protocols, providing strong incentives for exploitation.

Blockchain security experts are advising cryptocurrency protocols to conduct continuous audits of their smart contracts, as advancements in artificial intelligence are significantly accelerating hackers' ability to discover vulnerabilities.

Ari Redbord, head of policy at TRM Labs, emphasized that current attack techniques are evolving faster than a single audit can cover, leaving protocols exposed to new threats. CertiK reported that hackers stole $1.32 billion in the first half of 2026, employing sophisticated strategies, including revisiting older codebases with improved automated tooling.

A recent incident involved Zcash, where a major security flaw in its Orchard shielded pool, present for four years, was identified by an AI-powered auditing agent. This bug could have allowed undetectable counterfeiting. CertiK warned that the window of vulnerability extends beyond a protocol's launch, making reauditing a recurring necessity.

Anthropic's research indicated that AI agents found $4.6 million in exploitable vulnerabilities in smart contracts. With over $72.3 billion in crypto locked across DeFi protocols, the incentive for hackers remains high.

Recent exploits include the theft of $2.1 million from the defunct Aztec Connect protocol and $300,000 from a smart contract on the decentralized exchange mySwap, even after its user interface had been inactive for months. In a more positive development, a white hat recovered over $1.72 million from the failed Hong Coin initial coin offering due to a bug in its auto-refund function.

Redbord also stressed that addressing these security issues requires more than just code hardening; it involves disrupting malicious actors, including those linked to North Korea and Chinese money laundering networks.

Frequently asked questions

AI tools are enabling hackers to identify vulnerabilities in smart contracts much faster than traditional, one-time audits can detect them.

Hackers stole $1.32 billion in the first half of 2026, and a significant amount of crypto is locked in DeFi protocols, creating high incentives for exploitation.

AI agents, such as Anthropic's Claude Opus 4.8, are being used to find exploitable vulnerabilities in smart contract codebases at scale.

No, hackers are also exploiting the codebases of defunct decentralized finance protocols that have been shut down for months or even years.

What Happens Next

01Protocols are urged to implement continuous smart contract reauditing.
02The industry and regulators are expected to find ways to mitigate malicious cyberactivity.
03TRM Labs suggests focusing on disrupting malicious actors beyond just securing codebases.

Get the newsletter.

Pick the topics you actually care about. We'll email when there's news worth your time, on the cadence you choose. Cancel any time from your account.

Cadence

How It Developed

Blockchain security experts are urging crypto protocols to reaudit smart contracts due to AI's ability to quickly identify vulnerabilities.
Hackers are exploiting codebases of defunct decentralized finance protocols, draining millions.
CertiK reported hackers stole $1.32 billion in the first half of 2026 using sophisticated strategies.
Hackers are revisiting old codebases, aided by improved automated tooling for identifying vulnerabilities at scale.
A major security vulnerability was found in Zcash using an AI-powered auditing agent.
The Zcash vulnerability, existing for four years, could have enabled undetectable counterfeiting.
Anthropic found AI agents identified $4.6 million in exploitable vulnerabilities in smart contracts.
Hackers stole $2.1 million from the defunct Aztec Connect protocol.

Sources

T1
AI is shortening the shelf life of crypto security audits, researchers warnHackers have also been exploiting the codebases of defunct decentralized finance protocols, draining millions of dollars in customer funds.Cointelegraph

Related Stories

Crypto firms prepare defenses as quantum threat to encryption draws nearer
8 Jul · 10:04 AM
BNB Chain Plans New Layer-1 Blockchain for AI Agents and Quantum Security
8 Jul · 4:21 PM
Crypto VC Paradigm raises $1.2B for new fund, expands into AI and robotics
8 Jul · 5:05 PM
ESMA to scrutinize crypto custody providers' operational resilience
8 Jul · 11:05 AM
EU to revise crypto rules in 2027 amid Trump's push for digital assets
8 Jul · 2:15 PM