AI Hacker Threat Keeps Major Banks from Entering DeFi
According to a CertiK report, April was the worst month for DeFi in four years due to nearly daily attacks accelerated by AI. The risks of smart contract and bridge hacks are cited as the main obstacle to moving trillions of dollars from traditional financial institutions onto the blockchain.
Author: Independent financial analyst, specializing in cybersecurity in finance and institutional DeFi
The Gist: What's Really Happening
Wall Street wants into DeFi. Badly. JPMorgan, BlackRock, Fidelity — all are developing strategies for asset tokenization and on-chain settlements. The estimated volume that traditional finance plans to move onto the blockchain over the next 10 years is tens of trillions of dollars. But there's one problem: hackers have proven faster and smarter than defenders. And now AI is turning this race into a one-sided beating.
CertiK co-founder and CEO Ronghui Gu directly called the situation an "unfair game." April 2026 was the worst month for DeFi in four years: attackers struck 27 out of 30 days, with only three days free of hacks. Total losses for the month exceeded $600 million, and since the start of the year, over $840 million.
The core issue isn't technical vulnerabilities — those have always existed. The core issue is that AI has radically changed the economics of an attack. Previously, a hacker had to manually search for bugs in smart contracts — weeks or months of painstaking work. Today, AI agents scan protocols 24/7, automatically identifying weak spots in hours or even minutes. Defenders, on the other hand, are limited by each project's budget and physically cannot audit code at the same speed AI breaks it.
This is a structural imbalance that mainstream media rarely discusses. Traditional banks look at this data and freeze. How can you move trillions into an environment where a protocol with $300 million in TVL can be drained in 12 minutes?
Timeline and Context
April 1, 2026 — Hackers completely drained Drift Protocol on Solana, stealing $285 million in 12 minutes. The attackers compromised an admin key using a combination of social engineering and automated tools. This was not a random attack — according to TRM Labs and Mandiant, it was carried out by the North Korean group TraderTraitor (UNC4899).
April 17 — Strike against KelpDAO. Attackers withdrew $293 million through a vulnerability in a cross-chain bridge based on LayerZero. The attack began on March 6, when a developer fell victim to social engineering and had their session key stolen. On April 18, KelpDAO paused contracts, but the funds had already been withdrawn and converted to WETH via Aave v3.
28 incidents in April, 14 of which with losses exceeding $1 million each. For comparison, March losses totaled just $52 million. That's a 1,140% increase in one month. Chainalysis, TRM Labs, and Elliptic agreed: 76% of all losses in the first four months of 2026 ($577 million) are linked to hackers controlled by the DPRK.
But the most alarming signal wasn't the scale of losses, but their frequency. "Only three days without hacks," Gu emphasized. He added that, in CertiK's view, such a sharp rise is only possible due to the widespread adoption of AI in attacks.
Concurrently, in May 2026, an attack occurred on the AI agent platform Bankr. The attacker used Morse code to trick Grok into generating a transfer command, which Bankrbot automatically executed. Losses: $440,000, 14 user wallets. This was the second such incident in three weeks, and losses doubled compared to the first. No smart contract was hacked, no private key was stolen. Simply two automated systems did exactly what they were designed to do — and it led to theft.
Who Wins and Who Loses
Winners — cybersecurity firms specializing in blockchain. CertiK, Hacken, Trail of Bits, SlowMist. Their services are becoming not a recommendation but a mandatory requirement for any protocol seeking institutional capital. Demand for smart contract audits has grown 300% since the start of 2026. But the problem is that even the best auditors cannot compete with AI scanners operating 24/7.
Winners — insurance companies that are starting to offer DeFi hack policies. Nexus Mutual, Etherisc, Lloyd's (through partnerships with crypto insurers). Premiums for such policies have increased 5-10 times over the past six months. But even they are not ready to insure high-risk protocols — the likelihood of payouts is too high.
Winners — the DPRK and other state-backed hacker groups. 76% of all losses in 2026 are from North Korea's Lazarus Group and its satellites. They use AI to automate vulnerability discovery, social engineering, and optimize fund extraction through mixers and cross-chain bridges. These funds go toward financing Pyongyang's missile program. In effect, DeFi has become an illegal funding channel for a rogue state, and AI has only strengthened that channel.
Winners — attacking AI agents and security researchers on the dark side. Tools like autonomous vulnerability scanners, which can be rented for $10,000–20,000, pay for themselves in a single successful attack. The exploit-as-a-service market on the darknet grew 400% in Q1 2026.
Losers — DeFi protocols with high TVL. Drift Protocol and KelpDAO lost $578 million combined. After such attacks, users lose trust, TVL collapses, and the protocol often never recovers. Of the top 10 DeFi protocols hacked in 2024–2025, only two regained user trust and TVL to pre-crisis levels.
Losers — traditional financial institutions that are delaying entry into DeFi. And this is perhaps the biggest loss. Every month of delay is a missed economic benefit from reduced transaction costs, faster settlements, and automated compliance. But banks cannot risk their reputation and client capital. Until the attack rate drops tenfold, trillions of dollars will remain in traditional infrastructure with its T+2 settlements and 3% fees.
Losers — retail DeFi users. Their funds are frozen or stolen. Their savings are wiped out. And worse, they cannot protect themselves — even if they pass KYC, use hardware wallets, and avoid suspicious protocols. The Bankr attack showed: your money can be stolen because someone else (Grok) believed a Morse code transfer.
What the Media Isn't Saying
Insight number one, absent from official CertiK and CoinDesk releases: the real problem isn't AI hackers. The real problem is that AI defense is fragmented, while AI attack is centralized.
Currently, thousands of DeFi protocols use dozens of different security solutions, each with its own AI engine, vulnerability database, and effectiveness level. Hackers, on the other hand, can use a single, constantly improving AI tool to scan all protocols at once. It's as if in the real world, each bank built its own wall from different materials, while robbers had a universal tank.
CertiK's Gu acknowledges this when he talks about an "unfair game" and how an attacker may have an unlimited budget while defense has strict limits. But he doesn't say that the industry could pool resources and create a shared AI shield for all of DeFi. Why not? Because his business is selling audits to each client individually. A shared shield would destroy CertiK's and its competitors' revenue model.
Insight number two: North Korean hackers aren't just using AI — they're developing it. TRM Labs and Mandiant have noted that the sophistication of the Drift Protocol and KelpDAO attacks is "consistent with AI-enabled workflows." This means Lazarus Group likely built its own LLM models trained on smart contract code and known vulnerabilities. They can now generate exploits automatically, without human developer involvement. This changes everything: attack speed is no longer limited by human factors.
Insight three, the most alarming for DeFi's long-term prospects: the BIS called crypto exchanges "shadow banks," and this is a direct consequence of DeFi vulnerabilities. In a Bank for International Settlements report dated April 23, 2026, earn products and yield strategies are described as "unsecured loans to weakly regulated shadow banks" without deposit insurance or transparency. In other words, regulators are already preparing the ground for tough measures. If the industry doesn't solve the hack problem itself, regulators will solve it for them — through bans, licensing, and effective centralization of DeFi.
Forecast: Next 30 Days and 90 Days
30 days. June 2026 will repeat the April pattern. CertiK has already warned that the near-daily trend could continue through year-end. Expect at least 20–25 incidents in June, with losses in the $400–600 million range. Primary targets are cross-chain bridges and protocols with TVL above $100 million, as they offer the highest return on investment for AI scanning.
Regarding institutional capital: no major bank will announce entry into DeFi in June. Everyone is waiting for the industry to show two or three months without major hacks. That won't happen. Consequently, decision postponement will continue. BlackRock, JPMorgan, and Fidelity will continue pilot projects on isolated, private blockchains, but not on public DeFi.
Shares of blockchain-related cybersecurity companies could rise 10–15% on the wave of April hack news. But this is a short-term impulse — long-term investors have already priced in the risks.
90 days. By August 2026, one of two scenarios is possible. Scenario A (40% probability): the industry consolidates around 2–3 security standards (likely from CertiK, Trail of Bits, and Quantstamp), and the first "insurable" protocols emerge — those that have passed certification and can obtain a policy from Lloyd's. This would signal cautious institutional entry. First to come would be hedge funds and family offices, then regional banks, and only then globally systemically important banks.
Scenario B (60% probability): hacks continue at the same intensity. In August, another Drift/Kelp-level attack occurs (losses $200–300 million). The US Congress initiates hearings on DeFi regulation. The European Commission accelerates implementation of MiCA rules for decentralized protocols. By 2027, there is a risk that public DeFi will be effectively banned for institutional capital.
My base case is the second. The asymmetry between attack and defense is too great, and 90 days won't fix it. DeFi needs a common, standardized, industry-funded AI shield. No such shield exists, and creating one will take years, not months.
The main risk for the industry is the "Bankr effect," where attacks occur not at the smart contract level but at the logic level of interaction between AI agents. Such attacks are harder to prevent and detect, and they will only grow as more protocols deploy AI agents for automation.
Editorial Forecast
Tokens associated with high-TVL DeFi protocols (e.g., AAVE, UNI, LDO) are expected to be under pressure in the next 24–72 hours, as investors lock in profits ahead of possible June hacks. Support level for AAVE is $180, resistance is $210. Confidence level is moderate (55%). The main risk is a sudden announcement of a major institutional partnership (e.g., BlackRock with Aave), which could override fears and trigger a 15–20% rally. Without such a catalyst, DeFi tokens will continue to underperform Bitcoin and major altcoins.
— Editorial Team