Is an AI hacker targeting old DeFi projects in $5M spree?

A trio of hacks targeting old DeFi projects have stolen approximately $5 million in the past week.

The three projects targeted were all well-known names during DeFi’s 2020-2022 cycle, and the affected contracts are all from abandoned projects, immutable, or no longer maintained.

The similarities have led some to wonder if legacy contracts are being targeted in a concentrated, AI-aided hacking campaign.

Ribbon Finance flip-flops on recovery plan

Last Friday, Aevo (formerly Ribbon Finance) informed users of an oracle-manipulation hack on “legacy Ribbon DOV vaults,” resulting in a $2.7 million loss. The post reassured Aevo users that they weren’t impacted.

In a since-deleted follow-up post, the team announced a plan to reimburse those affected using $400,000 of its own funds, as well as assets from “dormant” users.

However, the Ribbon team walked back the controversial plan a few days later, clarifying that the affected users would, in fact, suffer a 100% loss.

Read more: Cathie Wood falls for AI slop despite heavy OpenAI, Tempus bets

Defunct Rari Capital hijacked

The $2 million Rari Capital hack occurred on December 10, but was not flagged for a week.

In what appears to be a “hijacking of the implementation contract,” the attacker was able to borrow assets “without posting any collateral.”

Read more: LLM crypto trading contest finds LLMs can’t trade crypto

Following hacks in 2021 and 2022 (for $15 million and $80 million, respectively), Rari Capital ceased operations. According to DeFiLlama data, Rari contracts still contain around $2.7 million of funds.

The team later settled with the SEC in September 2024 over “misleading investors and engaging in unregistered broker activity” as well as unregistered securities offerings.

Yearn Finance: third time’s the charm

On Tuesday, a five-year old iEarn Finance (precursor to Yearn) contract was attacked for approximately $250,000.

Pseudonymous Yearn developer Banteg described how a “misconfigured adapter” caused “a cascading failure across multiple DeFi protocols.”

Read more: DeFi yield aggregator Yearn discloses September incident in yUSND vault

The hack exploited the same vulnerability as a 2023 attack, which saw $11 million lost. Yearn had previously been hacked in 2021, also for $11 million.

In addition to the hacks, Yearn suffered an operational mishap in 2023 in which $1.4 million was lost to “significant slippage.”

Last month, the team also disclosed a malfunction in one of its vaults, with Yearn covering the shortfall.

An AI-supported hacking spree?

Given a generally decreasing rate of smart contract hacks on DeFi protocols, the recent concentration has raised eyebrows.

A security researcher (and former Yearn developer) who goes by storm0x suspects that someone may be “specifically targeting legacy contracts, maybe even using new tools and LLMs?”

They advise withdrawing from 2021-era contracts that are “deprecated, sunsetted or abandoned.”

Another observer shares storm0x’s suspicion. They see the boom in AI support for already sophisticated attackers posing a threat which could be “extremely painful” for DeFi developers in the coming years.

“The bar to build, sample, test, exploit strategies has never been lower,” they said.

As well as AI-supported hackers covering more ground, autonomous AI hacks may also pose a threat in the future.

A recent study from Anthropic pitted AI agents against a library of 405 smart contracts exploited between 2020 and 2025.

The AI models autonomously achieved $4.5 million worth of exploits on contracts deployed after their knowledge cutoff. They also “uncovered two novel zero-day vulnerabilities” in 2,849 new contracts with no known vulnerabilities.

Got a tip? Send us an email securely via Protos Leaks. For more informed news, follow us on X, Bluesky, and Google News, or subscribe to our YouTube channel.