AI-powered Crypto Hacks Drain $600M from DeFi as North Korea Exploits Surge
May 15, 2026 – 2:59 pm
Summary
Two North Korea-linked hacks in April drained almost $600 million from decentralized finance (DeFi) protocols Drift Protocol ($285 million) and Kelp DAO ($292 million). Cybersecurity experts believe the attackers used artificial intelligence (AI) to select targets and design exploits. The Kelp DAO hack triggered a significant outflow from Aave, exposing DeFi’s systemic fragility.
Hacks and Their Impact
- Drift Protocol Hack: On April 1st, attackers drained $285 million from Drift Protocol, a Solana-based derivatives exchange. They posed as a quantitative trading firm to trick employees into authorizing malicious transactions in just 12 minutes.
- Kelp DAO Hack: A separate group exploited a single-verifier flaw in Kelp DAO’s cross-chain bridge on April 18th, extracting approximately $292 million in wrapped ether. This hack triggered a $9 billion outflow from Aave in two days, because the stolen funds were deposited there as collateral.
Together, these heists netted almost $600 million, accounting for 76% of all crypto hack losses in 2026 so far, according to blockchain forensics firm TRM Labs.
Attribution and Sophistication
Both attacks are widely attributed to North Korea-linked groups, according to Bloomberg. What alarmed cybersecurity researchers, however, was the sophistication of the methods used, which suggests the involvement of AI in target selection and exploit design.
"This is all stuff North Korea never used to do," said TRM investigator Nick Carlsen, a former FBI analyst specializing in North Korean crypto crime.
Aftermath and Contagion Effect
- Drift Protocol: The hack devastated the platform, forcing it to shut down; it later relaunched after securing a $148 million rescue package from Tether. A smaller DeFi project, Carrot, announced its closure on April 30th due to its integration with Drift.
- Kelp DAO and Aave: The stolen funds were deposited as collateral on Aave, triggering a crisis of confidence that resulted in approximately $9 billion being pulled from the platform in two days. Total value locked across DeFi lending protocols dropped by over $13 billion in 48 hours, necessitating a rescue for Aave.
Structural Vulnerability in DeFi
The episode highlighted a critical structural vulnerability in decentralized finance: there is no central authority to freeze suspicious transfers or reverse transactions on blockchains. The interconnected nature of DeFi protocols, where collateral is shared across platforms, amplifies these risks.