AI, Awoke a 27-Year Dormant Vulnerability...Crypto Market on the Brink of a 'Hacking Catastrophe'

▲ Virtual Assets, Hacking, Cryptocurrency Security/AI Generated Image

Artificial intelligence technology is directly targeting the decentralized financial ecosystem, fundamentally shaking its security system. The time required for vulnerability detection and attack execution, which previously took several years, has been shortened to less than a day, putting the entire virtual asset market on high alert.

According to the cryptocurrency YouTube channel Coin Bureau on April 25 (local time), artificial intelligence has reached a stage where it can autonomously discover code vulnerabilities, pushing virtual asset security into its most dangerous phase in history. In the first quarter of 2026, a total of $450 million was leaked from decentralized finance (DeFi) protocols through 145 attacks, and an additional $66 million disappeared in April in just 18 days. As a result, the Total Value Locked (TVL) plummeted from $110 billion in January to $82 billion.

AI-based attacks overwhelmingly surpass traditional hacking in terms of cost and speed. Anthropic's model, Claude Mythos, instantly discovered a zero-day vulnerability that had remained undetected for 27 years. The cost to analyze an entire smart contract is a mere $1.22, and the attack preparation period, which previously averaged 2.3 years, has been reduced to less than 24 hours.

Actual damages are also rapidly expanding. On April 1, $285 million was leaked from the Solana (SOL)-based Drift Protocol, and on the 18th, the Kelp DAO bridge was attacked, resulting in $293 million in damages. Both incidents are presumed to be the work of the North Korean hacking group Lazarus Group, and it is analyzed that they stole $577 million in just one month.

The problem is that while AI increases development productivity, it also creates vulnerabilities. Research shows that approximately 45% of AI-generated code contains security flaws, with the failure rate exceeding 70% for the Java language. Developers are accelerating with AI, but attackers are using the same technology to exploit weaknesses even faster, a pattern that is becoming entrenched.

The threat is not limited to the virtual asset market. Decades-old vulnerabilities in major cryptographic libraries like OpenSSL have been extensively discovered by AI, exposing the entire global financial system to risk. Concerns that even the SWIFT (Society for Worldwide Interbank Financial Telecommunication) network could be affected led to reports that US Treasury Secretary Scott Bessant and Federal Reserve Chairman Jerome Powell held an emergency meeting with CEOs of major banks.

The defense sector has also begun to respond. CertiK and Coinbase are adopting AI-based security audit tools to speed up their response. However, a structural limitation still exists: attackers only need one success, while defenders must block every attack. The fact that 99% of currently discovered vulnerabilities have not yet been patched clearly exposes the fragility of the security system.

User-level response is also becoming crucial. Cross-chain bridges and restaking tokens are identified as areas where smart contract risks are concentrated. When using new protocols, it is becoming essential to check for at least two security audits and the application of real-time monitoring. As the confrontation between AI and security intensifies, the market has already entered a new risk environment.

*Disclaimer: This article is for investment reference only, and we are not responsible for any investment losses incurred based on it. The content should be interpreted for informational purposes only.*