黑客还一直在利用已失效的去中心化金融协议的代码库,窃取了数百万美元的客户资金。 区块链安全专家敦促加密协议重新审核其智能合约,因为人工智能工具使黑客比以往任何时候都更容易更快地识别漏洞。 TRM Labs 政策主管 Ari Redbord 告诉 :“我们的数据表明需要持续审查,而不是一次性审计。”他补充说,“攻击技术的发展速度比发布之日起的单次审计所能解释的要快。” “针对去年的攻击模式进行的审计使得协议暴露于今年的攻击模式中,因为不良行为者正在发生变化。” CertiK 周一报告称,黑客在 2026 年上半年又窃取了 13.2 亿美元,并采取了日益复杂的策略来应对整个行业加强的安全措施。 CertiK 表示,其中一项策略是重新访问旧代码库,并补充说,攻击者的努力可能“得到了用于大规模识别潜在漏洞的改进自动化工具的帮助”。
最近的事件之一涉及以隐私为中心的区块链 Zcash,Shielded Labs 安全工程师 Taylor Hornby 使用由 Anthropic 的 Claude Opus 4.8 提供支持的自定义审计代理发现了一个重大安全漏洞。该错误已被修复。 该安全漏洞已存在四年,可能导致 Orchard 屏蔽池(该网络的关键隐私功能之一)内出现无法检测的伪造行为。 CertiK 警告说:“最大漏洞窗口在发布后不会关闭。” “运营遗留基础设施的项目应将重新审核视为一项经常性的运营要求,而不是部署时进行的一次性活动。” 去年 12 月,Anthropic 进行了一项研究,发现人工智能代理在智能合约中发现了价值 460 万美元的可利用漏洞。与此同时,数百个 DeFi 协议中锁定了价值超过 723 亿美元的加密货币,这给黑客提供了充分的动力来利用易受攻击的智能合约。 SlowMist 对区块链黑客攻击造成的加密货币总损失的估计。来源:慢雾 已失效的加密协议成为目标
6 月 14 日,黑客利用智能合约漏洞从 Aztec Connect 窃取了 210 万美元,该平台自 2023 年 3 月以来一直处于关闭状态。 五天后,去中心化交易所 mySwap 上的一份智能合约被利用,价值 30 万美元,尽管 mySwap 用户界面已关闭新的流动性存款六个月以上。 5 月份发生了一件更幸运的事件,当时一个名为“0xflorent”的白帽子帮助从 2016 年参与 Hong Coin (HONG) 首次代币发行的 48 名投资者手中收回了 1,003 枚以太币 (ETH),价值超过 172 万美元。 相关:4 月份黑客激增后,“所有 DeFi 都不安全”的说法引发了人工智能安全争论 ICO 在未达到融资目标后未能启动,并且由于自动退款功能的错误,资金仍被锁定在智能合约中。 TRM 表示,仅重新审核等式的一部分 Redbord 表示,这项工作并不止于强化代码库和基础设施,并解释说,更广泛的行业和监管机构需要继续寻找方法来减少来自朝鲜的恶意网络活动并破坏中国的洗钱网络:
“协议可以锁上大门,但仍然需要有人去追查闯入的演员。” 特点:风险超过收益率,DeFi 黑客事件动摇了机构信心
Hackers have also been exploiting the codebases of defunct decentralized finance protocols, draining millions of dollars in customer funds.
Blockchain security experts are urging crypto protocols to reaudit their smart contracts as AI tooling is making it easier for hackers to identify vulnerabilities more quickly than ever before.
“Our data argues for continuous review rather than a one-time audit,” TRM Labs head of policy Ari Redbord told , adding that “attack techniques are moving faster than a single audit from launch day can account for.”
“An audit built for last year’s attack patterns leaves a protocol exposed to this year’s as bad actors are changing up.”
CertiK reported Monday that hackers stole another $1.32 billion in the first half of 2026 and have adopted increasingly sophisticated strategies in response to strengthened security measures across the industry.
One of those strategies has been to revisit old codebases, CertiK said, adding that the attackers' efforts have likely been “aided by improved automated tooling for identifying latent vulnerabilities at scale.”
One of the most recent incidents involved privacy-focused blockchain Zcash, where Shielded Labs security engineer Taylor Hornby found a major security vulnerability using a custom auditing agent powered by Anthropic’s Claude Opus 4.8. The bug has since been patched.
The security vulnerability, which existed for four years, could have enabled undetectable counterfeiting inside the Orchard shielded pool, one of the network’s key privacy features.
“The window of maximum vulnerability does not close after launch,” CertiK warned. “Projects operating legacy infrastructure should treat reauditing as a recurring operational requirement rather than a one-time exercise conducted at deployment.”
In December, Anthropic conducted a study finding that AI agents found $4.6 million worth of exploitable vulnerabilities in smart contracts. Meanwhile, there is more than $72.3 billion worth of crypto locked across hundreds of DeFi protocols, giving hackers plenty of incentive to exploit vulnerable smart contracts.
SlowMist's estimate of total crypto losses from blockchain hacks. Source: SlowMist
Defunct crypto protocols targeted
On June 14, hackers exploited a smart contract vulnerability to steal $2.1 million from the Aztec Connect, which had been shut down since March 2023.
Five days later, a smart contract on the decentralized exchange mySwap was exploited for $300,000, even after the mySwap user interface had been closed to new liquidity deposits for more than six months.
A more fortunate event took place in May, when a white hat, known as “0xflorent,” helped recover 1,003 Ether (ETH) worth over $1.72 million from 48 investors involved in the Hong Coin (HONG) initial coin offering in 2016.
Related: ‘All DeFi unsafe’ claim sparks AI security debate after April hack surge
The ICO failed to launch after missing its funding target, and the funds remained locked in the smart contract due to a bug in the auto-refund function.
Reaudits only part of the equation, TRM says
The work doesn’t stop with hardening the codebase and infrastructure, Redbord said, explaining that the broader industry and regulators need to continue finding ways to mitigate malicious cyberactivity from North Korea and disrupt Chinese money laundering networks:
“Protocols can lock their doors, but someone still has to go after the actor breaking in.”
Features: DeFi hacks shake institutional confidence as risks outpace yields