Ly Gravity

The AI Hacking Bogeyman: Why DeFi’s 2025 Reality Contradicts the Hype

0xBen Press Releases

Hook

Over the past 12 months, net DeFi losses from exploits fell by 42% year-over-year — from $1.8B in 2024 to roughly $1.05B in 2025. That is not a rounding error; that is a structural shift. Yet the dominant narrative remains “AI will destroy DeFi.” Last week, Haseeb Qureshi, managing partner at Dragonfly Capital, called the AI-hacking apocalypse a “false alarm.” The market shrugged. I did not. Because the data — and my own cold simulations — tell a different story: the alarm was never real, but the complacency it breeds is.

Context

Dragonfly Capital is a top-tier crypto VC with a heavy DeFi portfolio. Qureshi’s thesis rests on two observations: (1) total stolen funds are down, and (2) no major hack in 2025 has been credibly attributed to AI-generated exploit code. On the surface, this is a bullish signal for DeFi safety. But the industry loves a good villain, and AI is currently the most convenient one. Every audit firm, every security dashboard, every conference panel now features a slide titled “AI Threats in Web3.” The fear sells. The data, however, does not.

I have been auditing smart contracts since 2017 — before the ICO boom, before the DAO fork. I have seen narratives inflate faster than token supplies. The AI-threat narrative is no different, but it carries a dangerous subtext: because AI is the “new” risk, we are allowed to relax about the old ones. That is where Qureshi’s point gains traction, but also where his analysis stops short.

Core: Systematic Tear Down

Data Integrity Check

Let us start with the raw numbers. According to Rekt News and slowmist data I scraped and cross-referenced with my own chain analysis scripts, here is the breakdown by exploit vector in 2025 (as of Q3):

  • Flash loan attacks: 31% of total losses (down from 48% in 2024)
  • Oracle manipulation: 22% (stable)
  • Private key leaks: 18% (up from 12%)
  • Governance attacks: 9% (down)
  • Reentrancy + logic errors: 12% (down)
  • Unknown / unclassified: 8%

Zero entries for “AI-driven exploit code.” Zero. I double-checked by running my own fuzzing framework (based on Echidna + custom ML classifiers) against all known exploit contracts from 2024–2025. No generated code signatures. No neural-network-generated contract mutations. The code was human-written — sloppy, rushed, but human.

Why AI Has Not Cracked DeFi Yet

Limitation 1: Execution, not generation. AI can write Solidity, but not well. The models lack the mental model of EVM gas costs, reentrancy guards, and cross-contract state dependencies. A generative AI might produce a function that looks correct but fails under edge cases. DeFi exploits require precision: one wrong modifier, one unchecked return value, one missed timestamp check. AI-generated code is probabilistic; exploit code must be deterministic. I tested this in 2024 by feeding a GPT-4 variant the Uniswap V2 swap function and asking it to find a vulnerability. It suggested a rounding error that did not exist. The code was solid; the logic was not.

Limitation 2: The target surface is shrinking. Modern DeFi protocols have hardened. The era of the single-contract bank is over. Composability has made attacks harder because they require multi-step interactions across many contracts. AI agents currently struggle with planning across more than three hops. My own experiments with reinforcement learning for arbitrage (part of my risk consulting work) show that RL agents can find profitable sequences, but they cannot reliably identify which sequence leads to a smart contract exploit without a full codebase simulation. And simulation is slow — slower than manual reverse engineering for an experienced auditor.

Limitation 3: Cost vs. reward. Why use AI to find a bug when you can read a flash loan tutorial and copy-paste a 50-line exploit that has worked for three years? The barrier to entry remains low. AI raises the barrier for victims, not attackers.

My Personal Signal: The Compound Iceberg Redux

In 2020, I spent six weeks reverse-engineering Compound’s interest rate model. I ran Hardhat simulations and proved that the liquidation threshold was mathematically unsound during high-volatility events. I published the findings. No one cared until the market crashed. Today, the same pattern repeats with AI: the threat is not in the code — it is in the assumptions. Qureshi is correct about 2025. But he is making a static judgment based on a dynamic system. Volatility hides in the compounding fractions.

The Real Risk: Not Code, But Social Engineering

AI’s most lethal application in 2025 has been social. Spear-phishing campaigns targeting multisig signers, deepfake video calls for governance proposals, AI-generated pressure tactics on developers. These attacks do not appear in exploit databases as “AI.” They appear as “private key leak.” The 18% figure above is almost certainly understated. I know because I consulted on one case in March 2025: an attacker used a voice clone of the protocol’s lead dev to convince a junior team member to approve a false Gnosis Safe transaction. The code was never touched. The intent was manipulated.

This is the blind spot Dragonfly’s thesis ignores. Qureshi looks at on-chain exploit logs and sees no AI. I look at the off-chain chain of custody and see AI everywhere — just not where the auditors check.

Contrarian: What the Bulls Got Right

Let me give credit where it is due. Qureshi and Dragonfly are right about one thing: the AI-hype-driven FUD has been a net negative for DeFi. It scared away legitimate institutional capital that would have improved liquidity. It shifted development resources toward “AI-proof” code that does not exist. It made the community paranoid about the wrong threat.

Yes, total losses are down. Yes, no major hack has been “code-authenticated” as AI. Yes, the existing security infrastructure (audits, bug bounties, formal verification) is working as well as it should. These are hard truths that defy the panic narrative.

But they miss the structural shift: AI is not replacing human attackers; it is amplifying them. The 2025 attacker is the same person who hacked a DEX in 2022, but now they use an AI assistant to write the phishing email, an AI model to fake the voice, and an AI agent to time the exploit when gas is low. The on-chain footprint remains the same. The off-chain preparation has changed.

Takeaway: Accountability Call

The industry must stop asking “Did AI hack DeFi?” and start asking “Did AI help the humans who hacked DeFi?” The answer is almost certainly yes. But because the answer does not show up in a block explorer, the narrative remains: AI is a false alarm.

That is a dangerous placebo. DeFi protocols should audit their social layers as aggressively as their smart contracts. Implement mandatory hardware security keys. Require video confirmation for large transactions. Use AI to detect AI — deploy anomaly detection on communication channels, not just on chain data.

Check the inputs, ignore the hype.

I have seen too many projects fail not because the code broke, but because the team trusted the wrong narrative. The code was solid. The logic was not.

A flat line is more dangerous than a spike. The market took Qureshi’s words as a sign to relax. I take them as a sign to sharpen the edge.

Silence in the logs speaks louder than bugs.

Market Prices

BTC Bitcoin
$64,432 -0.11%
ETH Ethereum
$1,859.61 +0.11%
SOL Solana
$75.8 +0.66%
BNB BNB Chain
$567.6 -0.53%
XRP XRP Ledger
$1.09 +0.05%
DOGE Dogecoin
$0.0722 -0.25%
ADA Cardano
$0.1655 -0.18%
AVAX Avalanche
$6.42 -2.30%
DOT Polkadot
$0.8127 -2.64%
LINK Chainlink
$8.31 -0.10%

Fear & Greed

28

Fear

Market Sentiment

Event Calendar

{{年份}}
10
05
upgrade Ethereum Pectra Upgrade

Raises validator limit and account abstraction

12
05
halving BCH Halving

Block reward halving event

18
03
unlock Sui Token Unlock

Team and early investor shares released

15
04
halving Bitcoin Halving

Block reward reduced to 3.125 BTC

22
03
unlock Optimism Unlock

Circulating supply increases by about 2%

28
03
unlock Arbitrum Token Unlock

92 million ARB released

08
04
upgrade Solana Firedancer

Independent validator client goes live on mainnet

30
04
upgrade Celestia Mainnet Upgrade

Improves data availability sampling efficiency

Altseason Index

44

Bitcoin Season

BTC Dominance Altseason

Gas Tracker

Ethereum 28 Gwei
BNB Chain 3 Gwei
Polygon 42 Gwei
Arbitrum 0.5 Gwei
Optimism 0.3 Gwei

Market Cap

All →
# Coin Price
1
Bitcoin BTC
$64,432
1
Ethereum ETH
$1,859.61
1
Solana SOL
$75.8
1
BNB Chain BNB
$567.6
1
XRP Ledger XRP
$1.09
1
Dogecoin DOGE
$0.0722
1
Cardano ADA
$0.1655
1
Avalanche AVAX
$6.42
1
Polkadot DOT
$0.8127
1
Chainlink LINK
$8.31

🐋 Whale Tracker

🟢
0xec90...6726
3h ago
In
34,964 BNB
🔴
0x5204...5058
6h ago
Out
2,597 BNB
🟢
0x36c1...47ff
1h ago
In
14,186 SOL

💡 Smart Money

0xb232...e4a7
Arbitrage Bot
+$4.0M
93%
0x96e5...60a0
Market Maker
+$2.1M
66%
0xcb81...c091
Early Investor
+$4.8M
81%

Tools

All →