AI-Driven Threats and State-Sponsored Attacks Fuel Surge in Crypto Losses

The cryptocurrency ecosystem is facing a new wave of sophisticated threats as artificial intelligence is increasingly weaponized to execute high-speed exploits and precision social engineering attacks. According to CertiK, the industry has already lost more than $600 million in 2026, with a significant spike in activity occurring throughout April. Two major incidents dominated the month's losses: a $293 million exploit of KelpDAO, which involved a failure in the LayerZero cross-chain messaging infrastructure, and a $280 million attack on the Drift Protocol. Both events have been linked to North Korean state-sponsored threat actors. Additionally, the wallet provider Zerion reported a $100,000 loss resulting from a long-term AI-powered social engineering campaign. Security experts warn that the acceleration of 'agentic AI' allows attackers to autonomously scan smart contracts for bugs and execute exploit code at machine speed. Furthermore, threat actors such as 'Jinkusu' are allegedly marketing tools that utilize voice manipulation and deepfakes to bypass Know Your Customer (KYC) checks at banks and crypto platforms. This trend follows a volatile 2025, where total losses reached $3.3 billion. Supply chain vulnerabilities were particularly damaging last year, highlighted by a $1.4 billion exploit at Bybit. In response to these escalating threats, the US Department of the Treasury’s Office of Cybersecurity and Critical Infrastructure Protection (OCCIP) has announced the expansion of its threat identification program to include digital asset firms. To mitigate these risks, analysts recommend that retail investors move assets from exchanges to cold wallets to avoid exposing private keys. While AI is being used offensively, it is also being deployed defensively, with models like Claude Mythos being used by tech firms to identify and patch vulnerabilities in major operating systems.