AI Is Reshaping Crypto Cybercrime Faster Than Defenses Can Adapt
Artificial intelligence is rapidly altering the economics of cybercrime in digital assets, lowering the cost of attacks while increasing their speed and scale, according to Charles Guillemet.
Summary:
- AI is dramatically reducing the cost and complexity of executing crypto attacks.
- Fraud and social engineering have overtaken smart contract exploits as the primary threat.
- Security experts warn the industry is not adapting quickly enough to the new reality.
The shift is already visible in the numbers: more than $1.4 billion has been lost to crypto-related hacks, exploits, and fraud over the past 12 months, with recent incidents underscoring how quickly the threat landscape is evolving.
For much of the past decade, crypto security followed a predictable pattern. A vulnerability in a smart contract would be discovered – often by a highly skilled attacker – leading to a rapid exploit and a post-mortem focused on code flaws.
That model is still relevant. But it is no longer the dominant one. In an interview for CoinDesk, Guillemet argues that AI has effectively “industrialized” cyberattacks, compressing processes that once required coordinated teams into workflows that can now be executed by individuals using widely available tools. Tasks such as vulnerability discovery, exploit generation, and phishing campaign management have become faster, cheaper, and increasingly automated.
“The cost is going down to zero,” he said, describing a shift that is turning cybercrime into a scalable operation rather than a specialized skill set.
A Surge in High-Impact Incidents
Recent attacks illustrate how this shift is playing out in practice. The exploit of Drift Protocol this week resulted in losses of roughly $285 million, making it one of the largest incidents of 2026 so far. Just days earlier, attackers drained about $25 million from the Resolv yield protocol in what investigators described as a targeted and methodical operation.
Taken together, these incidents form part of a broader trend. Data from DefiLlama shows that losses across the sector have exceeded $1.4 billion over the past year, with attack frequency and sophistication both increasing.
From Code Exploits to AI-Driven Fraud
For the first time, fraud and social engineering – often powered by AI tools – have overtaken traditional smart contract exploits as the leading cause of digital asset losses. The change reflects how effectively AI has lowered the barrier to executing complex scams.
Techniques such as voice cloning, deepfake video impersonation, and automated phishing campaigns are now being deployed at scale. Attackers can run hundreds of parallel operations, targeting both individuals and institutions with increasingly convincing narratives.
Groups linked to state-backed operations, including North Korea’s Lazarus Group, are believed to be among those leveraging these tools, further blurring the line between cybercrime and geopolitical risk.
Expanding Attack Surface
Security researchers from Chainup have identified a growing number of supply chain attacks, where malicious code is introduced into widely used software libraries. In one case highlighted by Guillemet, compromised packages reached tools with hundreds of millions of downloads, creating a pathway to infect applications – including those used in crypto development.
Another emerging vector is “instruction injection,” where attackers manipulate AI agents embedded in wallets or decentralized applications to bypass safeguards and reroute transactions. Combined with zero-click mobile exploits – capable of compromising devices without user interaction – the result is an expanding attack surface that is difficult to monitor in real time.
Defenses Struggle to Keep Pace
Guillemet and other security experts are increasingly advocating for formal verification – a method of mathematically proving that software behaves as intended – as a baseline standard for smart contract security. While effective, it is also resource-intensive and not yet widely adopted.
READ MORE: Crypto’s Biggest Risk Isn’t Regulation – It’s Quantum Computing
Other measures gaining traction include hardware-based key management, where sensitive cryptographic operations are moved off internet-connected devices, and “clear signing,” which allows users to verify transaction details on trusted hardware screens.
There is also growing emphasis on supply chain security, with developers urged to independently verify software dependencies rather than relying on automated updates.
A Structural Imbalance
Despite these efforts, the gap between attackers and defenders appears to be widening.
“The attackers are moving much faster than the defenders,” Guillemet said, pointing to AI as the primary driver of that imbalance.
For users and institutions alike, the implications are immediate. Security models built around manual review and reactive patching are increasingly inadequate in an environment where attacks can be generated, tested, and deployed in near real time.
A New Baseline for Risk
The broader takeaway is not simply that crypto is becoming more dangerous, but that the nature of risk is changing.
Where security once depended on preventing isolated technical failures, it now requires defending against continuous, automated adversaries operating at scale. That shift raises the threshold for what constitutes adequate protection.
In practical terms, tools that were once considered optional – such as hardware wallets and multi-layer verification – are quickly becoming baseline requirements.
The industry has adapted to new threats before. Whether it can do so at the pace required by AI-driven attacks remains an open question.
The information presented in this article is intended for informational purposes only and should not be interpreted as financial, investment, or trading advice. Coinspress.com does not promote or advocate for any particular investment strategy, asset, or cryptocurrency project. Cryptocurrency markets are highly volatile and unpredictable – always perform your own research and seek guidance from a qualified financial professional before making any investment decisions.
Alexander Stefanov
Reporter at CoinsPress
Alex is an experienced finance journalist and a cryptocurrency and blockchain enthusiast. With over five years of experience covering the industry, he deeply understands the complex and constantly evolving world of digital assets. His insightful and thought-provoking articles provide readers with a clear picture of the latest developments and trends in the market. His passionate approach allows him to break down complex ideas into accessible and insightful content. Follow up on his content to be up to date with the most important trends and topics - stay ahead of the curve with CoinsPress.
