Login
Sign Up
Woofun AI reports that Dragonfly managing partner Haseeb Qureshi has dismissed the narrative of an AI-induced "hackpocalypse" in decentralized finance, arguing that despite record incident volumes, the financial severity of individual exploits has diminished. This stance directly counters warnings from Manuel Aráoz, founder of blockchain security platform OpenZeppelin, who asserts that "all of DeFi [is] unsafe" due to AI coding agents’ growing ability to identify smart contract vulnerabilities. The debate centers on whether increased frequency correlates with increased systemic risk or merely reflects a shift in attacker targeting strategies.
The core of Qureshi’s argument rests on shifting hack metrics, specifically the decline in median exploit size. Data indicates the median hack value has fallen below $500,000 this year, a sharp decrease from over $2 million in 2025. Qureshi attributes this disparity to malicious actors leveraging AI to target "small protocols and abandonware," which lack robust security measures. Conversely, larger DeFi protocols have reportedly fortified their defenses, effectively mitigating the threat posed by automated AI tools against high-value targets.
Woofun AI data shows that monthly comparisons further support the view that 2026 has seen less value compromised per month than the previous year, excluding outlier events. Significant incidents such as the Bybit hack in February 2025, alongside the Drift Protocol and KelpDAO exploits in April of this year, skew the aggregate data. When these large-scale breaches are excluded, the underlying trend suggests a reduction in monthly stolen value compared to the previous year, challenging the notion of an escalating crisis driven solely by AI capabilities.
However, broader industry data presents a more complex picture, encompassing centralized platforms, wallet compromises, and phishing attacks alongside DeFi exploits. DefiLlama data shows that crypto hack losses surged to approximately $644 million in April, marking an over one-year high. This figure pales in comparison to February 2025, when the $1.4 billion Bybit hack pushed monthly losses to $1.46 billion, but it still indicates persistent vulnerability across the wider ecosystem beyond just decentralized protocols.
In the first half of 2026, total losses to cryptocurrency hacks fell 46.8% year-on-year to $1.32 billion. Yet, blockchain security firm CertiK cautioned that lower headline losses do not equate to a safer industry, noting that last year’s figures were skewed by the historic $1.4 billion Bybit breach. During the second quarter of 2026, over 70% of losses stemmed from the KelpDAO and Drift Protocol exploits, largely attributed to North Korean state-sponsored hackers. TRM Labs estimated in April that these actors have stolen more than $6 billion since 2017, underscoring that geopolitical threats remain the dominant risk vector rather than autonomous AI agents.