In 2020, decentralized finance (DeFi) progressed from a niche concept into a multi-billion-dollar industry. The launch of Compound's governance token distribution in mid-2020, which rewarded users for lending or borrowing assets with COMP tokens, helped ignite the sector.
Today DeFi faces major pressure from severe incidents and exploits that have caused heavy losses despite successive security upgrades. In the first five months of 2026 the sector lost over $840 million, with cross-chain bridges taking the largest hit. The losses have drained capital from the industry and raised concerns about the resilience of blockchain-based DeFi systems.
What is DeFi?
DeFi, or Decentralized Finance, is a financial system that replaces traditional intermediaries, such as banks or brokers, with blockchain technology. Users can lend, borrow, trade, and earn interest directly with one another, typically using smart contracts on networks like Ethereum.
Through dApps, users transact directly with one another without middlemen. Anyone with internet access and a crypto wallet can participate, with no background checks or account approvals; the rules and terms are written into self-executing code, the smart contracts.
DeFi under a new threat
The decentralized finance (DeFi) sector is under a new threat: AI. According to Manuel Araoz, co-founder of the smart contract security firm OpenZeppelin, modern AI systems can analyze code faster and more accurately than humans, which means they can identify vulnerabilities in smart contracts within minutes.
2026 has been a brutal year for DeFi, with April the worst month so far. Cross-chain bridges, decentralized exchanges, derivatives protocols, and wallets all incurred losses. As noted above, by the end of May cumulative losses from DeFi hacks had surpassed $840 million across more than 50 incidents in just five months.
DeFi Hacks in April 2026
In April 2026 the DeFi sector suffered two major exploits. On April 1, 2026, attackers took roughly $285 million from Drift Protocol, a Solana-based derivatives exchange, in what appears to have been a carefully planned attack. The larger one hit KelpDAO: on April 18, 2026, around $292 million was drained in a direct attack on KelpDAO's LayerZero cross-chain bridge.
The attack has been attributed to North Korean state-linked hackers known as the Lazarus Group, which, according to reports, is responsible for 76% of losses from crypto-related hacks.
DeFi Hacks in May 2026
The hacks continued in May. TrustedVolumes, a major DeFi market maker and liquidity provider, was hit by a smart contract exploit in which the attackers drained $6.7 million in a single trade.
Security firms then tracked the stolen funds as the attackers tried to launder them through THORChain, a decentralized cross-chain liquidity protocol that lets users swap native assets without KYC verification or wrapped tokens.
On May 18, the blockchain security firm Blockaid detected an active attack on the Verus-Protocol Ethereum Bridge, which was exploited through a forged cross-chain transfer message. About $11.8 million was drained within minutes.
AI Building Its Own Exploits
The situation is more concerning still because AI models can now both find vulnerabilities and generate working exploits for them. An AI can scan publicly available smart contract code, identify its weaknesses, design an exploit, and automate the attack.
DeFi's key strength, open and publicly verifiable code, has become a liability, and the sector is now racing against the pace of AI advances.
Why Focus Has Shifted From Audits To Key Management
DeFi code-auditing tools are now in the hands of attackers and defenders alike, so an audit is a baseline requirement rather than a differentiator. Attackers have found they can bypass the code entirely and go after individual private keys and admin access controls instead. In the battle against AI-driven attacks, the sector is therefore prioritizing operational security over static code reviews.
| Security Vector | Old Focus | New Focus |
|---|---|---|
| Code Audits | Relying on static, one-time third-party human audits. | Continuous, real-time AI-augmented threat testing and runtime invariant suites. |
| Access Control | Simple multi-sig wallets held by a few core team members. | MPC (multi-party computation), where the private key never exists in one piece. |
| Governance | Manual human verification of cross-chain bridge updates. | Hardened cryptographic consensus that removes human social engineering from the approval path. |
| Fail-safes | Hoping the code holds up indefinitely under pressure. | Automated on-chain circuit breakers that pause the protocol when anomaly detection triggers. |
Implementing Transaction and Other Relevant Policies
Here are a few ways to implement DeFi transaction policies.
- Tier approvals by transaction size
Require a time delay and additional signers for larger transactions.
- Check every transaction
Block first-time recipients above a set threshold, and mandate a second factor for any new destination.
- Velocity limits
Cap daily or weekly outflows per asset and per counterparty.
- Separate duties
Use different signers for proposing, approving, and executing a spend, so that no single key holder can complete a transfer alone.
- Use decentralized oracles
Reduce dependence on any single data source.
- Implement continuous monitoring
Set up continuous monitoring, identify vulnerabilities as they emerge, and track security developments across the sector.
- Leverage decentralization
Favour decentralized design and community governance.
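The policies above, from tiered approvals to velocity limits and separation of duties, are only useful if something enforces them before a signature is produced. The following policy engine is an added example written for this article, not code from any protocol, wallet vendor or firm named here; it implements each check as a pure function over an in-memory ledger so it runs offline. The rolling-window velocity limit is also the off-chain counterpart of the on-chain circuit breaker in the table above. All thresholds, signer names, addresses, amounts and the timestamp are constructed for illustration.

```python
from dataclasses import dataclass, field
from typing import Dict, List, Optional, Set, Tuple

@dataclass
class Policy:
    tiers: Tuple[Tuple[int, int, int], ...]   # (min_amount, required_approvals, delay_seconds), ascending
    new_recipient_block_above: int            # first transfer to an unknown recipient is refused above this
    per_asset_window_limit: Dict[str, int]    # rolling-window outflow cap per asset; also the asset allowlist
    per_counterparty_window_limit: int        # rolling-window outflow cap per recipient
    window_seconds: int = 86_400

@dataclass
class Transfer:
    tx_id: str
    asset: str
    amount: int
    recipient: str
    proposer: str
    proposed_at: int                          # unix seconds, used for the time delay
    approvers: Set[str] = field(default_factory=set)
    second_factor_ok: bool = False            # out-of-band confirmation for a new destination

@dataclass
class Ledger:
    known_recipients: Set[str] = field(default_factory=set)
    executed: List[Tuple[int, str, int, str]] = field(default_factory=list)  # (ts, asset, amount, to)

    def window_outflow(self, now: int, window: int, asset: Optional[str] = None,
                       recipient: Optional[str] = None) -> int:
        """Executed volume inside (now - window, now], optionally filtered by asset or recipient."""
        return sum(amt for ts, a, amt, to in self.executed
                   if ts > now - window and (asset is None or a == asset)
                   and (recipient is None or to == recipient))

def tier_for(policy: Policy, amount: int) -> Tuple[int, int]:
    """(required_approvals, delay_seconds) of the highest tier the amount reaches."""
    required, delay = 1, 0
    for min_amount, signers, delay_s in policy.tiers:
        if amount >= min_amount:
            required, delay = signers, delay_s
    return required, delay

def evaluate(policy: Policy, ledger: Ledger, tx: Transfer, now: int) -> List[str]:
    """Return every policy violation; an empty list means the transfer may execute."""
    v: List[str] = []
    effective = tx.approvers - {tx.proposer}          # separation of duties: self-approval never counts
    required, delay = tier_for(policy, tx.amount)
    if len(effective) < required:
        v.append(f"approvals: need {required}, have {len(effective)} (proposer excluded)")
    waited = now - tx.proposed_at                     # time delay lets monitoring veto a large spend
    if waited < delay:
        v.append(f"timelock: {delay - waited}s remaining")
    if tx.recipient not in ledger.known_recipients:   # first-time recipient checks
        if tx.amount > policy.new_recipient_block_above:
            v.append(f"new recipient: {tx.amount} exceeds first-transfer cap {policy.new_recipient_block_above}")
        if not tx.second_factor_ok:
            v.append("new recipient: second factor required")
    limit = policy.per_asset_window_limit.get(tx.asset)   # velocity limits; unknown asset = not allowlisted
    if limit is None:
        v.append(f"asset {tx.asset} is not allowlisted")
    else:
        spent = ledger.window_outflow(now, policy.window_seconds, asset=tx.asset)
        if spent + tx.amount > limit:
            v.append(f"velocity: {tx.asset} window outflow {spent + tx.amount} > {limit}")
    cp_spent = ledger.window_outflow(now, policy.window_seconds, recipient=tx.recipient)
    if cp_spent + tx.amount > policy.per_counterparty_window_limit:
        v.append(f"velocity: outflow to {tx.recipient} {cp_spent + tx.amount} > {policy.per_counterparty_window_limit}")
    return v

def submit(policy: Policy, ledger: Ledger, tx: Transfer, now: int) -> List[str]:
    """Evaluate, and record the transfer only if every check passed."""
    v = evaluate(policy, ledger, tx, now)
    if not v:
        ledger.executed.append((now, tx.asset, tx.amount, tx.recipient))
        ledger.known_recipients.add(tx.recipient)
    return v

NOW = 1_800_000_000   # constructed timestamp
EXAMPLE_POLICY = Policy(   # constructed thresholds, in whole token units
    tiers=((0, 1, 0), (100_000, 2, 3_600), (1_000_000, 3, 86_400)),
    new_recipient_block_above=50_000,
    per_asset_window_limit={"USDC": 2_000_000, "ETH": 500},
    per_counterparty_window_limit=750_000,
)

def demo() -> Dict[str, List[str]]:
    """Run a constructed sequence of transfers and return each one's violations."""
    ledger = Ledger({"0xMarketMaker"}, [(NOW - 3_600, "USDC", 600_000, "0xMarketMaker")])
    transfers = [
        Transfer("A", "USDC", 400_000, "0xMarketMaker", "alice", NOW - 7_200, {"alice", "bob"}),  # self-approval, counterparty cap blown
        Transfer("B", "USDC", 100_000, "0xMarketMaker", "alice", NOW - 7_200, {"bob", "carol"}), # clean: two independent approvers, delay elapsed
        Transfer("C", "USDC", 60_000, "0xVendor", "alice", NOW, {"bob"}),                        # new recipient, too large, no second factor
        Transfer("D", "USDC", 20_000, "0xVendor", "alice", NOW, {"bob"}, second_factor_ok=True), # clean first transfer to a new recipient
        Transfer("E", "WBTC", 1, "0xMarketMaker", "alice", NOW, {"bob"}),                       # asset not on the allowlist
    ]
    return {tx.tx_id: submit(EXAMPLE_POLICY, ledger, tx, NOW) for tx in transfers}

if __name__ == "__main__":
    for tx_id, result in demo().items():
        print(tx_id, "EXECUTED" if not result else "; ".join(result))
```

Running the file prints one line per constructed transfer: A fails on both approvals and the counterparty cap, C on both first-recipient rules, E on the asset allowlist, while B and D execute and update the ledger. The engine returns every violation rather than the first one so a reviewer sees the whole picture, and the proposer's own approval is discarded before the tier is checked, which is the part a multi-sig with co-located keys usually gets wrong.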
The Need For DeFi Regulation
DeFi's decentralized structure poses several security risks. A regulatory framework could help to:
- Build safety nets that help users recover lost funds
- Improve transparency, especially for DeFi protocols
- Strengthen security and prevent losses
- Enhance market stability and reduce the risk of manipulation
Final Thoughts
The recent attacks are a serious wake-up call for the DeFi sector. The sector is still evolving and does not yet have the tools to defend against sophisticated attacks; current measures are insufficient for the risks it faces. As this article has shown, new steps are needed to build a secure environment, and stricter regulation is needed to ensure accountability and protect funds. Above all, the sector must develop advanced measures against AI-driven attacks rather than relying on code audits alone.
