AI Awakens 27-Year Dormant Vulnerability...Crypto Market on the Brink of 'Hacking Catastrophe'

▲ Virtual assets, hacking, cryptocurrency security/AI generated image

Artificial intelligence technology is directly targeting the decentralized finance ecosystem, shaking its security system from its very foundations. The time required for vulnerability detection and attack execution, which previously took several years, has been shortened to less than a day, triggering an emergency across the entire virtual asset market.

According to the cryptocurrency-focused YouTube channel Coin Bureau on April 25 (local time), artificial intelligence has reached a stage where it can autonomously discover code vulnerabilities, pushing virtual asset security into its most dangerous phase in history. In the first quarter of 2026, a total of $450 million was drained from decentralized finance (DeFi) protocols in 145 attacks, with an additional $66 million disappearing in just 18 days of April. Consequently, the Total Value Locked (TVL) plummeted from $110 billion in January to $82 billion.

AI-powered attacks surpass traditional hacking in terms of cost and speed. Anthropic's model, Claude Mythos, single-handedly discovered a zero-day vulnerability that had gone undetected for 27 years. The cost to analyze an entire smart contract is a mere $1.22, and the attack preparation period, which previously averaged 2.3 years, has been reduced to less than 24 hours.

Actual damages are also expanding rapidly. On April 1, $285 million was drained from the Solana (SOL)-based Drift Protocol, and on the 18th, the Kelp DAO bridge was attacked, resulting in $293 million in damages. Both incidents are suspected to be the work of the North Korean hacking group Lazarus Group, which is estimated to have stolen $577 million in just one month.

The problem is that while artificial intelligence increases development productivity, it also creates vulnerabilities. Research shows that approximately 45% of AI-generated code contains security flaws, with the failure rate exceeding 70% in Java. Developers are accelerating with AI, but attackers are exploiting weaknesses even faster with the same technology, solidifying this structure.

The threat is not limited to the virtual asset market. Decades-old vulnerabilities in major cryptographic libraries such as OpenSSL have been widely discovered by AI, exposing the entire global financial system to risk. Concerns that even the SWIFT (Society for Worldwide Interbank Financial Telecommunication) network could be affected prompted reports that U.S. Treasury Secretary Scott Bessant and Federal Reserve Chair Jerome Powell held an emergency meeting with CEOs of major banks.

The defense sector has also begun to respond. CertiK and Coinbase are adopting AI-powered security auditing tools to accelerate their response. However, a structural limitation still exists: attackers only need one success, while defenders must block every attack. The fact that 99% of currently discovered vulnerabilities remain unpatched highlights the fragility of security systems.

User-level responses are also becoming crucial. Cross-chain bridges and restaking tokens are identified as areas where smart contract risks are concentrated. When using new protocols, it is becoming essential to verify the presence of at least two security audits and the application of real-time monitoring. As the confrontation between AI and security intensifies, the market has already entered a new risk environment.

*Disclaimer: This article is for investment reference only, and we are not responsible for any investment losses based on it. The content should be interpreted for informational purposes only.*