Chainalysis: $36.7M DeFi Hacks in 6 Months Fueled by AI Attacks
Blockchain analytics firm Chainalysis reports at least $36.7 million lost to DeFi hacks over the past six months. The attacks mainly targeted unverified smart contracts—contracts without publicly disclosed source code—on major chains, where attackers leveraged long-standing vulnerabilities.
The biggest incident involved Truebit on Ethereum. An exploit of an unverified smart contract that had been deployed since 2021 allowed the attacker to steal $26.2 million, accounting for more than 70% of the total DeFi hack losses in the period. Other impacted protocols mentioned include Trusted Volumes, Aperture Finance, and Ekubo, though individual loss figures were not detailed.
Chainalysis links the trend to new tooling: decompilers and AI make reverse-engineering and vulnerability discovery faster and more scalable. What previously required days of manual analysis by security experts can now be automated, lowering the barrier for attackers and increasing the frequency of breaches against poorly audited or unverified code.
For traders and users, the takeaway is risk management around contract transparency. Favor protocols with verified/open-source smart contracts and independent security audits, and monitor incident reports and audit recency. For developers and teams, the report underscores that smart contract verification and proactive security processes are becoming baseline requirements as AI-enabled exploitation spreads.
Bearish
This news is likely bearish for sentiment because it quantifies ongoing, high-impact DeFi hacks ($36.7M in six months) and shows that AI-enabled tooling is increasing attacker efficiency. The Truebit incident alone (>$26M, mostly unverified-code exploitation) raises near-term uncertainty about protocol safety, which can trigger withdrawals, liquidity pullbacks, and risk-off positioning in DeFi tokens.
In the short term, traders may react by reducing exposure to smaller or opaque DeFi protocols lacking verified/open-source contracts and recent audits, while concentrating on higher-quality venues with stronger security track records. In the long term, however, the market may adapt: audits, verification standards, and security tooling could improve, potentially stabilizing winners—though that benefit typically arrives after incidents, not before.
Compared with past exploit cycles, quantified hack totals and repeatable exploit methods tend to pressure prices and volatility until the market gains confidence through audits, bug bounties, and incident transparency. As a result, the immediate impact on market stability is more likely negative than positive.