SlowMist Founder Cos Says DeFi Hacking Incidents Have Significantly Increased, AI Becomes New Battleground for Hackers and White Hats

Cos, as the founder of SlowMist, has focused on blockchain security auditing and threat intelligence for years. He has previously warned about private key reuse and the security issues of old protocols. This time, he emphasizes the involvement of AI in the competition between black and white hats, continuing his analysis of DeFi attack trends for 2024-2025, especially with the increased efficiency of attacks following the proliferation of AI Agent tools.

In terms of capital flow, SlowMist charges DeFi protocols for auditing and monitoring fees through AI-driven automated vulnerability scanning and threat intelligence services, while promoting protocol upgrades for smart contracts and private key management, forming a "preventive security expenditure" closed loop. Old protocols that do not keep up will face capital outflow and rising insurance costs.

Following the surge in security spending after major DeFi hacking incidents like Ronin and Euler in 2022-2023, DeFi is currently in the mid-stage of transitioning from "traditional code auditing" to "AI adversarial vulnerability discovery." Hackers have begun using AI to generate mutated attack vectors.

Essentially, this represents a technological replacement: old decentralized protocols that traditionally relied on manual code review and static audits are being replaced by AI automated vulnerability mining tools. Both black and white hats are engaging with AI, pushing security offense and defense into a high-frequency iteration phase, concentrating capital on protocols and service providers that actively adopt AI security capabilities, and restructuring DeFi security from "passive patching" to a mechanism of "continuous AI adversarial engagement."