Crypto hacks leveraging AI have siphoned off $600 million from DeFi, with North Korea taking advantage of the increase.
**TL;DR** In April, two cyberattacks linked to North Korea siphoned nearly $600 million from DeFi protocols Drift Protocol ($285 million) and Kelp DAO ($292 million). Cybersecurity experts suspect the attackers leveraged AI to choose targets and craft exploits. The Kelp DAO breach led to a $9 billion outflow from Aave in two days, highlighting the inherent fragility of DeFi.
The attacks occurred just over two weeks apart. On April 1, hackers extracted around $285 million from Drift Protocol, a derivatives exchange built on Solana, after posing as a quantitative trading firm to deceive employees into approving harmful transactions. Then, on April 18, a different group exploited a flaw in Kelp DAO’s cross-chain bridge, resulting in the loss of about $292 million in wrapped ether. Together, these breaches made up nearly $600 million and accounted for 76% of all crypto hacking losses in 2026 so far, according to blockchain forensics company TRM Labs.
These attacks are widely linked to North Korea-affiliated groups, as reported by Bloomberg. What concerned cybersecurity experts most was not the magnitude of the heists but the tactics employed. TRM investigator Nick Carlsen, a former FBI analyst specializing in North Korean cybercrime, stated that the sophistication of these incidents strongly indicates the use of artificial intelligence for targeting and exploit design, noting it's a shift in North Korean tactics.
**The contagion effect**
The Drift incident severely impacted the platform. The attackers created a fake token, built a misleading trading history to lend it authenticity, and utilized it as collateral to extract real assets in about 12 minutes. Drift’s total value locked plummeted from $550 million to below $300 million in just an hour. The exchange halted operations and is now seeking to reboot after securing approximately $148 million backed by stablecoin issuer Tether. Additionally, a smaller project called Carrot, which had funneled user funds through Drift-linked vaults, announced it would shut down entirely on April 30.
The Kelp DAO hack, by contrast, had additional ramifications. Rather than liquidating the stolen funds immediately, the attackers deposited around $200 million into Aave, the largest decentralized lending platform, as collateral. This action sparked a crisis of confidence, prompting depositors to withdraw approximately $9 billion from Aave within two days due to concerns over the collateral's worth. Total value locked across DeFi lending protocols fell by over $13 billion in just 48 hours, forcing Aave to seek its own rescue.
This incident showcased a fundamental weakness that sets decentralized finance apart from traditional banking: blockchain transactions cannot be reversed, and there is no central authority able to halt suspicious transfers. Moreover, the interconnected structure of DeFi, where one platform’s collateral becomes another's liability, means a single exploit can ripple through a system with around $130 billion in locked assets.
**The AI accelerant**
Determining if hackers utilized AI is not straightforward. Investigators base their assessments on the complexity of an attack, the tactics used, and how quickly targets were identified. More than half a dozen cybersecurity experts interviewed by Bloomberg pointed to the surge in DeFi exploits—April saw a record 28 to 30 incidents, nearly doubling the previous high—as a strong indication that attackers are leveraging commonly accessible AI models.
“With AI, the cost of vulnerability detection is approaching zero,” remarked Aneirin Flynn, CEO of security audit firm Failsafe. He noted that the time taken for hackers to find weaknesses in blockchain protocols has drastically decreased from months to days, or even hours.
Research from Anthropic supports this view. In December, the company published findings that indicated over half of blockchain exploits executed in 2025 "could have been executed autonomously" using AI agents. They observed that the average possible exploit revenue doubled every 1.3 months, while the cost of scanning a smart contract for vulnerabilities fell to $1.22. A test conducted by engineers at a16z, the largest crypto venture capital firm, revealed that an AI trained on previous DeFi hacks "always found the vulnerability" in a given protocol, even though it still required human assistance to fully engineer a profitable exploit.
**The Mythos question**
An ongoing concern in the industry revolves around Anthropic’s Mythos, an AI model the company has withheld from widespread release due to its cybersecurity capabilities. In testing, Mythos autonomously uncovered thousands of previously unrecognized zero-day vulnerabilities across major operating systems and web browsers, including one in OpenBSD that had remained undetected for 27 years. Anthropic has opted to limit access through its Project Glasswing to several significant tech companies and banks rather than making the model publicly available.
There is no evidence linking the April hackers to Mythos. However, the model's existence raises a broader question: if current publicly available AI tools can already facilitate crypto heists to such a degree, what happens when more advanced models, whether Mythos or its
