AI Is Making Crypto Hacks Worse

Summary

Ronghui Gu, co-founder and CEO of CertiK, discusses the surge in DeFi hacks in April 2025, attributing it partly to AI making vulnerability discovery easier. He notes that recent major exploits stem from operational security failures and North Korean state hackers rather than smart contract bugs. The conversation covers the arms race between attackers and defenders, the importance of formal verification, and the need for coordinated industry incident response.

• April 2025 saw 27 days with hacks, $690M lost excluding the Bybit hack.
• AI tools allow hackers to find vulnerabilities faster and scale attacks across protocols.
• Recent large attacks on Aave and Curve were due to supply chain and operational security gaps, not smart contract bugs.
• North Korean state hackers are increasingly involved in crypto exploits.
• CertiK has released AI auditor tools and formal verification services to counter AI-driven attacks.
• The industry needs faster coordination for freezing stolen assets, but legal issues remain.
• Bybit's response to its hack is praised as a model for crisis management.
• No silver bullet exists; security requires continuous investment and multi-layered defense.