Khushi V Rangdhol
Jul 23, 2025 11:13
Hackers stole over $2.17 billion from crypto protocols in six months, raising questions about AI’s role in preventing future heists. Tools like Forta and CertiK show promise in detecting threats, but challenges remain. Success depends on reducing alert response times and ensuring protocols have automated defenses. The race is on to see if AI can outpace hackers in the next big security breach.
In the six months to July 2025, hackers emptied more than US$2.17 billion from crypto protocols—already eclipsing the total haul for 2024. The figure, compiled by Chainalysis, is driven by a handful of blockbuster exploits, including February’s US$1.5 billion raid on Bybit. With each breach, the same question resurfaces: Can artificial‑intelligence systems flag a theft early enough for operators to hit the pause button?
What “AI Security” Looks Like On‑Chain
The best‑known early‑warning network is Forta, an open‑source grid of detection bots that scan live transactions across seven blockchains. According to Forta’s 2023 review, machine‑learning models embedded in those bots spotted 75 per cent of major on‑chain hacks during that year and raised an alert before funds moved in 42 per cent of them. That performance persuaded protocols such as dYdX and Compound to wire Forta’s risk score straight into their admin dashboards.
Audit firm CertiK takes a different tack. It’s Skynet service combines graph neural networks—trained on historical attack paths—with static‑analysis data from code audits. The firm’s public Hack3d report for the first half of 2025 shows Skynet generating over twelve billion security signals a day and crediting the system with helping to limit nine live exploits in Q2 alone.
BlockSec blends AI with real‑time simulation. When a suspicious transaction hits the mempool, BlockSec’s Phalcon engine clones the transaction into a private fork of the chain, executes it, and scores the outcome. If simulated balances drop to zero, alert webhooks fire; in January, the mechanism froze US$2.4 million during an attempted drain on BNB Chain, a success the company documented in a public blog post.
How The Models Hunt
Pattern learning. ML classifiers watch gas usage, call graphs and token flows to establish a “normal” baseline. Deviations—spikes in approve() calls or abrupt debt‑position fluctuations—bump a risk score.
Contract genealogy. Neural nets compare bytecode of new contracts against libraries of known exploit templates, flagging look‑alikes before they are funded.
Cross‑chain context. A bridge withdrawal on one network can trigger a pre‑emptive alarm on the destination chain because the systems share graph data in milliseconds.
An academic study published in the ACM Digital Library this June reached 96 percent recall when classifying adversarial smart contracts—a reminder that university labs are feeding the commercial toolchain.
So Far, More Sizzle than Steak—Yet Progress is Visible
Early‑warning bots are not silver bullets. Attackers have learned to parcel flash‑loan payloads into hundreds of micro‑transactions, diluting the statistical “burst” that anomaly models look for. Sub‑second MEV sandwiches can still slip through 15‑second polling windows, and a run of false positives has induced alert fatigue among smaller teams.
Even so, there are hard numbers to show the effort pays. In October 2024 a Forta bot spotted an unusually large allowance change on a lending pool 38 seconds before the attacker pulled liquidity. Admins paused the contract; final losses were US $3.2 million instead of the US $40 million estimated in post‑mortem simulations (OpenZeppelin engineering note, public). That is far from a zero‑loss outcome—but it is proof that seconds can matter.
The Next Layer of Defence
Forta is preparing a “zkNode” upgrade that will force node operators to publish zero‑knowledge proofs they have executed the detection model honestly—closing a loophole where a malicious node could silence alerts. CertiK and Trail of Bits are beta‑testing large‑language‑model assistants that review Solidity pull requests for re‑entrancy or overflow patterns, nudging developers to patch before deployment. And insurance markets are listening: Nexus Mutual says it will wire Forta’s risk scores into claims triage so members get faster payouts when an exploit is objectively verified.
One unresolved problem is the cash leg. Even the fastest alert is pointless if operators lack a built‑in “circuit breaker.” Protocols such as Aave already let guardians freeze individual assets; others still rely on multisig holders scattered across time zones. Codifying an automated kill switch—with governance limits to prevent abuse—remains a delicate engineering and political task.
Will AI Stop the Next Nine‑Figure Heist?
Since 2021, the crypto industry has suffered five exploits over US $100 million, all executed before a public alert could bite. Yet Forta’s record shows almost half of large attacks in 2023 were flagged pre‑execution; CertiK’s latest dataset suggests modest but real progress in 2025. The trajectory is clear: prediction windows are shrinking, and more protocols are wiring alerts into immutable pause functions.
Success, then, hinges on two timelines. The defenders must cut inference latency from tens of seconds to single digits and persuade every major protocol to adopt automatic throttles; the attackers need only find one blind spot that keeps their window open long enough to drain another vault. Whether the next triple‑digit theft lands in October or is quietly neutered in the mempool may depend on whose machine learns faster.
Image source: Shutterstock
