In the past week, three old DeFi projects have been hit hard, losing around $5 million. These projects were big names back in 2020-2022 but are now abandoned or no longer maintained. Some people think these hacks might be part of a bigger, AI-driven campaign targeting old contracts.

Ribbon Finance had a rough time last Friday. They told users about a hack on their old DOV vaults, losing $2. 7 million. At first, they said they would pay back users with their own money and funds from inactive accounts. But a few days later, they changed their minds and said users would lose everything.

Rari Capital was also hit for $2 million on December 10, but no one noticed for a week. The hacker took assets without putting up any collateral. Rari Capital had already shut down after big hacks in 2021 and 2022. They also settled with the SEC in 2024 for misleading investors.

Yearn Finance, which started as iEarn Finance, lost about $250, 000 in a hack on a five-year-old contract. A misconfigured adapter caused a chain reaction across multiple DeFi protocols. This hack used the same weakness as a 2023 attack that lost $11 million. Yearn has had other issues too, like a $1. 4 million loss from slippage in 2023.

With smart contract hacks usually going down, these recent attacks are worrying. A security researcher thinks someone might be targeting old contracts, maybe using new AI tools. They advise pulling funds from old, abandoned contracts. Another observer agrees, saying AI could make things much harder for DeFi developers in the future.

A recent study by Anthropic showed AI agents could exploit smart contracts and even find new vulnerabilities. This raises concerns about how AI might be used in future hacks.

Old DeFi Projects Under Siege: $5 Million Gone in a Week

Actions