mt logoMyToken
ETH Gas
Tiếng việt

Dragonfly’s Haseeb: DeFi Hack Losses Stay Below 2025 Levels in 2026 Despite AI Fears

sưu tầmcollect
đăng lạishare
aii77

The narrative that AI would supercharge DeFi exploits and unleash a catastrophic year of on-chain theft has not matched the on-the-ground data. According to the original report , Dragonfly managing partner Haseeb Qureshi says annualized hack losses in 2026 are running below 2025 levels and remain within historical ranges. The spike in total incidents is real, but the median loss per event continues to shrink, pointing toward a more fragmented threat landscape where attackers increasingly pick off smaller, less-defended protocols rather than cracking major vaults.

Qureshi’s observations directly challenge months of dire warnings about large language models being used to scan contract code at scale. Instead, the numbers show that crypto-native security investments—formal verification, bug bounties, and upgrade delays—are absorbing the blow. The decline in losses from admin-key and multisig compromises suggests that the most glaring operational weaknesses are being patched, especially at protocols with meaningful treasury exposure.

Attack Patterns Shift Toward Abandoned and Low-Liquidity Targets

The rise in raw incident count paired with falling median losses tells a specific story. Attackers are probing forgotten forks, unaudited yield aggregators, and projects that launched during past market exuberance but now sit with minimal total value locked. This scattergun approach generates more headlines but less financial damage, and it increasingly separates DeFi risk into two buckets: institutional-grade venues versus everything else. That divergence is reflected in developer activity on major chains , where core teams continue shipping upgrades and tightening execution environments.

For users, the practical implication is that capital concentrated in top-tier lending markets, decentralized exchanges, and liquid staking protocols now faces meaningfully lower hack risk than it did in 2022 and 2023. What remains uncertain is whether AI-enabled attacks simply haven’t arrived yet, or whether the defensive improvements really are durable against automated exploit discovery. Qureshi’s framing suggests resilience, but the industry’s history of underestimating adversarial innovation leaves room for caution.

Larger Protocols Harden as Regulatory Pressure Converges

The resilience of established DeFi codebases is not happening in a vacuum. Regulatory scrutiny from agencies in multiple jurisdictions has pushed major teams to tighten admin controls, implement timelocks, and submit smart contracts to multiple independent audits. These measures were often reactive after high-profile breaches, but they are now becoming table stakes. The same operational discipline that satisfies regulators is what makes a protocol unattractive to advanced attackers.

A broader trend worth watching is how on-chain capital is concentrating into a shrinking number of battle-tested applications. Recent tokenization milestones and institutional settlements underline that serious money is flowing toward infrastructure that has demonstrably survived adverse events. Security track records are becoming an asset class differentiator, not just a technical metric.

What the Market Is Getting Wrong About AI and DeFi Crime

The gap between AI threat narratives and actual loss data reveals more about media cycles than about attacker capabilities. So far, 2026 is proving that social engineering and off-chain key management failures remain the bigger risk surface. While LLMs can assist in code review, they have not yet enabled a step-change in on-chain exploit severity. One reason may be that smart contract vulnerabilities still require deep, context-specific domain knowledge that general-purpose models lack.

Even so, the landscape is not static. The drop in median loss size could reverse if AI tools become more specialized. The danger may not be a sudden hackpocalypse but a quiet erosion of defenses over time, particularly if smaller teams rely on AI-assisted audits that miss novel attack vectors. Protocols that rushed to integrate AI modules without rigorous adversarial testing could become the next wave of exploited targets. The market has a short memory, and a single large breach could quickly reset expectations.

For now, the data from Qureshi offers a sobering counter-narrative. DeFi security is not solved, but it is no longer moving backward. The shift from large treasury drains to smaller opportunistic hits suggests that the industry’s defensive layer is working—just not yet everywhere at once.

Tuyên bố từ chối trách nhiệm: Bản quyền của bài viết này thuộc về tác giả gốc và không đại diện cho MyToken(www.mytokencap.com)Ý kiến ​​và vị trí; vui lòng liên hệ với chúng tôi nếu bạn có thắc mắc về nội dung
community_x_prefix
X(https://x.com/MyTokencap)
community_tg_prefixcommunity_tg_name
https://t.me/mytokenGroup
Đọc liên quan