CertiK CEO: AI Lets DeFi Hackers Outspend Defenders

CertiK CEO Ronghui Gu warned AI tools let attackers outspend defenders, driving over $690M in DeFi losses in April, including about $280M at Drift and $292M at Kelp DAO.

Ronghui Gu, chief executive of blockchain security firm CertiK, warned at a Miami conference that artificial intelligence has enabled DeFi attackers to outspend and outpace defenders, contributing to more than $690 million in protocol losses in April. The total included roughly $280 million linked to Drift Protocol and about $292 million tied to Kelp DAO.

Gu noted that April had only three days without a reported hack and that, excluding a February 2025 incident at an exchange, the month represented the largest single-month DeFi losses since March 2022. He attributed much of the increase to AI tools that speed vulnerability discovery and enable attackers to replicate exploits across multiple protocols.

According to Gu, attackers can concentrate large amounts of computing power on a single target, automating both vulnerability discovery and the reuse of successful exploits. Security firms, by contrast, must divide their attention and resources across many clients, a resource imbalance Gu described as “an unfair game.”

Gu described a shift in attacker focus as smart contract code becomes harder to exploit. Rather than direct code flaws, adversaries are increasingly targeting supply-chain elements, operational security gaps and governance processes.

Investigations linked the Drift breach to an administrative account takeover associated with suspected North Korean actors. Reporting on the Kelp DAO incident attributed the loss to infrastructure and governance failures. One reported case involved compromise of a LayerZero validator setup, with stolen assets routed through lending protocols such as Aave.

A rollup operator froze roughly $72 million in tokens after one of the incidents. That freeze later attracted legal claims when plaintiffs holding separate judgments related to North Korean terrorism sought to seize the frozen funds.

Gu urged faster coordination among protocols, blockchains, exchanges and custody providers to limit losses and improve recovery efforts. He recommended rapid information sharing, coordinated token freezes where appropriate and joint recovery actions between affected parties.

Gu warned automated tools cannot prove software is free of bugs and cited the computational halting problem. “Even if you run an AI model for 30 hours and it doesn't find a vulnerability, it can't prove that your code is bug-free,” he warned, adding that formal verification remains the only method that can provide mathematical guarantees about certain code properties.

Gu argued the industry underinvests in non-code defenses such as operational controls, secure key management and redundancy in validator or oracle setups, which he described as increasingly attractive targets as direct smart contract exploits grow harder to execute.
