Chainalysis Reports $36.7M Stolen from Unverified Smart Contracts in DeFi Sector
A new attack trend focusing on unverified smart contracts in decentralized finance has resulted in $36.7 million stolen across four separate incidents since the start of the year, according to blockchain analytics firm Chainalysis.

At least $36.7 million in losses from four separate DeFi exploits during the last half-year can be traced back to unverified smart contracts, with cybercriminals increasingly targeting protocols that have not made their source code publicly accessible, blockchain analytics company Chainalysis has revealed.
The most significant attack targeted Truebit, resulting in $26.2 million in stolen funds when a malicious actor took advantage of an integer overflow flaw within a contract that had been sitting unverified on the Ethereum blockchain since 2021. Additional attacks hit Trusted Volumes, Aperture Finance and Ekubo, the analysis found.
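As an added illustration of the bug class named above (a hypothetical example written for this page, not Truebit's code, which is not on the page, and not from Chainalysis), the following Solidity contracts show how balance arithmetic that wraps silently, as all Solidity arithmetic did before version 0.8, lets a withdrawal larger than the caller's balance pass, next to the checked form that Solidity 0.8 enforces by default. Contract and function names are invented for the example.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Hypothetical vulnerable vault (example only). The `unchecked` block
// reproduces pre-0.8 wrapping semantics: if `amount` exceeds the caller's
// balance, the subtraction wraps to a value near 2**256 instead of reverting,
// so the caller's recorded balance becomes enormous and the payout proceeds.
contract VaultUnchecked {
    mapping(address => uint256) public balances;

    function deposit() external payable {
        balances[msg.sender] += msg.value;
    }

    function withdraw(uint256 amount) external {
        unchecked {
            balances[msg.sender] -= amount; // underflows silently: no revert
        }
        (bool ok, ) = msg.sender.call{value: amount}("");
        require(ok, "transfer failed");
    }
}

// Hardened form (example only). An explicit bound check documents the
// invariant, and the checked subtraction that Solidity >=0.8 performs by
// default reverts on underflow even if the explicit check were removed.
// State is updated before the external call (checks-effects-interactions).
contract VaultChecked {
    mapping(address => uint256) public balances;

    function deposit() external payable {
        balances[msg.sender] += msg.value;
    }

    function withdraw(uint256 amount) external {
        require(amount <= balances[msg.sender], "insufficient balance");
        balances[msg.sender] -= amount; // checked arithmetic: reverts on underflow
        (bool ok, ) = msg.sender.call{value: amount}("");
        require(ok, "transfer failed");
    }
}
```

Verifying source on a block explorer is what lets a reviewer see which of these two shapes a deployed contract actually has; with only bytecode available, the `unchecked` block and the missing bound check are visible only to someone who decompiles it, which is the asymmetry the Chainalysis analysis describes.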
Across all four instances, the compromised contracts had never undergone verification on blockchain explorers, which meant their underlying source code remained inaccessible for public examination. Chainalysis noted that this lack of transparency prevented thorough review by security experts and kept these contracts outside the scope of numerous bug bounty initiatives, even though they held custody of user assets.
The emerging pattern can be partially explained by recent progress in decompilation tooling and artificial intelligence, Chainalysis stated, which enables attackers to reverse-engineer smart contract bytecode and discover security weaknesses even without publicly available source code. The analysis notes that work that previously demanded "a skilled reverse engineer spending days on a single contract" has become increasingly automated, allowing threat actors to scan large numbers of unverified contracts simultaneously.
The findings directly contradict a long-held belief within the DeFi community that keeping smart contract code in private repositories offers enhanced protection. Chainalysis argues that platforms depending on concealed code are in effect relying on "obscurity as a security measure," a strategy the firm characterizes as rapidly losing effectiveness.
Among the protective measures recommended by Chainalysis are source code verification procedures, expanded bug bounty program coverage and the implementation of real-time monitoring systems to guard against similar exploits in the future.
DeFi security concerns persist after record April losses
The analysis arrives during a period of escalating cryptocurrency exploits across the sector. Data from DeFiLlama indicates that cybercriminals extracted $629.7 million during April alone, marking the highest monthly figure recorded since February 2025.
The overwhelming majority of April's financial damage stemmed from two major security breaches. KelpDAO experienced a $293 million loss while Drift Protocol fell victim to a $280 million exploit, with these two incidents combined accounting for over 80% of all funds stolen throughout the month.
While the total amount stolen decreased significantly during May, with blockchain security firm CertiK documenting $68.3 million taken through cryptocurrency exploits, the consequences from April's most devastating breaches remained ongoing. During June, Arkham, a blockchain intelligence service, disclosed that the individual responsible for the KelpDAO breach had successfully laundered nearly the entire amount of approximately $220 million in stolen assets that were not frozen.
The security breach at KelpDAO additionally triggered multiple DeFi platforms to conduct comprehensive evaluations of their security frameworks, with various projects such as Solv Protocol revealing intentions to transition toward Chainlink's crosschain infrastructure after completing internal security assessments.
Earlier this month, Anthropic disclosed that 560 out of the 832 user accounts it suspended for violating terms of service during a twelve-month timeframe had leveraged AI technology to assist in preparing cyberattacks, including activities such as creating malware and discovering security vulnerabilities.