AI Fears Fail to Trigger DeFi Hackpocalypse: Dragonfly
Dragonfly's Haseeb Qureshi says AI hasn't caused catastrophic DeFi hacks; median hack sizes shrink below $500K as large protocols strengthen, though North Korean threats persist with $1.32B stolen in H1 2026.
Quick Take
Median DeFi hack size dropped to under $500,000 in 2026.
AI targets small protocols; large ones fortified.
Crypto hack losses fell 46.8% YoY to $1.32B in H1 2026.
North Korean hackers remain major threat, causing 70% of Q2 losses.
Market Impact Analysis
NeutralWhile AI-driven hacks haven't materialized in large-scale DeFi protocols, persistent vulnerabilities and North Korean threats keep security risks high, resulting in no clear market bias.
Speculation Analysis
Key Takeaways
- Median DeFi hack size dropped below $500,000 in 2026, undercutting AI-fueled hackpocalypse fears.
- Large DeFi protocols have fortified defenses, while AI tools target smaller, abandoned projects.
- Crypto hack losses fell 46.8% year-over-year to $1.32 billion in H1 2026, per CertiK.
- North Korean state-sponsored hackers accounted for 70% of Q2 2026 losses, remaining the dominant threat.
What Happened
Haseeb Qureshi of Dragonfly pushed back against claims that AI would trigger a DeFi hackpocalypse. Despite a record number of incidents, the median hack size has fallen below half a million dollars, down from over $2 million in 2025. Qureshi pointed to large protocols strengthening security, while AI-powered attacks mostly hit smaller, ill-maintained projects. The debate ignited after OpenZeppelin's founder labeled all DeFi unsafe, citing AI's ability to find smart contract bugs.
The Numbers
Data from DefiLlama and CertiK paints a mixed picture. H1 2026 crypto losses totaled $1.32 billion, a 47% drop from the prior year. But the decline is partly due to the outsized $1.4 billion Bybit hack in early 2025. April 2026 still saw $644 million in losses, the worst month since Bybit. Notably, 70% of Q2 losses came from two exploits—KelpDAO and Drift Protocol—both tied to North Korean hackers.
Why It Happened
The shift reflects a bifurcation in DeFi security. Top protocols have hardened their codebases and adopted formal verification, making AI-assisted vulnerability discovery less effective. Meanwhile, poorly maintained forks and abandoned projects remain soft targets. Qureshi's view suggests AI is a threat amplifier rather than an existential risk, at least for now. The decline in headline loss figures may also mask a long tail of smaller exploits.
Broader Impact
The AI security debate underscores a growing maturity gap in DeFi. Institutional capital may flow more confidently into battle-tested protocols, while smaller projects face heightened scrutiny. However, the persistent North Korean threat—with over $6 billion stolen since 2017—shows that human-driven, state-sponsored attacks remain the industry's biggest headache.
What to Watch Next
- Monitor monthly exploit totals for any spike above $500 million, which would signal a new threat vector.
- Watch for regulatory or industry-wide security standards that could emerge from the AI debate.
- Track North Korean-linked wallet activity, especially after the KelpDAO and Drift heists.
This article is for informational purposes only and does not constitute financial advice.
Always late to trends?
Join for the latest news, insights & more.
Disclaimer: Bytewit is an independent media outlet that delivers news, research, and data.
© 2026 Bytewit. All Rights Reserved. This article is for informational purposes only.