律动BlockBeats
律动BlockBeats|6月 10, 2026 01:09
[Chainalysis: AI is Driving Systematic Exploitation of Unverified Contract Vulnerabilities, Causing Over $36.7 Million in Losses in the Past Six Months] BlockBeats News, June 10 — Blockchain analytics firm Chainalysis released a report indicating that attackers are increasingly targeting smart contracts with unverified source code (Unverified Smart Contracts). Over the past six months, at least four DeFi protocols using unverified contracts have been attacked, resulting in a total loss of approximately $36.7 million. The report suggests that with the development of decompilation tools like Dedaub and Panoramix, along with AI large models capable of quickly analyzing decompiled bytecode, attackers can now systematically scan unverified contracts on-chain, automatically identify vulnerabilities such as reentrancy attacks, access control flaws, and arithmetic overflows, and filter for the most valuable targets. Chainalysis stated that while unverified contracts reduce the difficulty of external scrutiny of source code, they also forgo the security benefits brought by white-hat researchers, community audits, and bug bounty programs. A typical case includes the Truebit attack incident in January this year, where attackers exploited an integer overflow vulnerability in a contract deployed in 2021 that had never been publicly verified, stealing approximately $26.2 million. Amid the continuous improvement of AI-assisted vulnerability exploitation capabilities, the "security through obscurity" model is rapidly failing. Chainalysis recommends that protocol teams treat source code verification as a minimum security standard, strengthen real-time on-chain monitoring, and expand the scope of bug bounty programs to reduce potential attack risks. [Original Link]
+4
Mentioned
Share To

Timeline

HotFlash

APP

X

Telegram

Facebook

Reddit

CopyLink

Hot Reads