AI just bypassed the Cloudflare protection that DeFi needs

Despite launching countless branding exercises that feature the word “decentralization,” much of the crypto industry actually uses Cloudflare to defend large chunks of its user-facing infrastructure.

Indeed, Cloudflare protects crypto websites collectively processing billions of dollars worth of trades and receiving millions of visitors daily. However, this week, crypto learned that autonomous AI agents can apparently use an open-source library to walk right through several of Cloudflare’s lines of defense.

Most heard of the vulnerability from a headline about OpenClaw, an AI agent that runs on a Mac Mini or cloud server.

OpenClaws, formerly known as ClawdBots or MoltBots, can now use a free library called Scrapling to “bypass Cloudflare natively.”

“Scrape any website without getting blocked, with zero bot detection,” the developer wrote in a brief blurb on Github before releasing the code into the wild.

It soon rocketed to a #1 trending spot among Github repositories.

The age of homespun AI agents has arrived

Boasting concurrent, multi-session crawlers with realistic start/stop actions and proxy IP addresses, the Python library allows AI agents like OpenClaw and others to bypass “all types of Cloudflare’s Turnstiles and Interstitials.”

Not only that, its own benchmarks claim over 600 times the parsing speed of BeautifulSoup, a formerly impressive web crawler.

The age of homespun AI agents is here, and the traditional armor that crypto has employed to protect its websites against crawlers, spiders, Denial of Service (DoS) attacks, and hackers of all types is starting to crack.

Through the use of human-mimicking behavior and AI adaptation, an OpenClaw agent can trick sophisticated forms of bot detection. Even more devastatingly, it can operate on commodity hardware and volley attacks for a few cents.

DeFi keeps relying on Cloudflare while losing millions

Decentralized Finance (DeFi) has already learned — repeatedly and expensively — what happens when its Cloudflare-dependent front-ends fail.

Although it doesn’t have 1:1 similarity with the capabilities of Scrapling, the most obvious example of crypto’s reliance on Cloudflare remains BadgerDAO.

In December 2021, an attacker compromised a Cloudflare Workers API key.

The attacker used that key to inject a malicious script into BadgerDAO’s front-end, tricking users into signing token approvals. It drained $130 million. 

Consider another example. Curve Finance suffered Domain Name System (DNS) hijacks in August 2022 and again in May 2025.

Each time, attackers accessed its registrar and redirected traffic away from Cloudflare’s nameservers to malicious clones.

The 2022 attack cost users over $500,000. The 2025 attack forced Curve to abandon its “.fi” TLD entirely and migrate to Curve.finance.

Read more: Saga becomes latest victim in DeFi hacking spree

The pattern only accelerated. In July 2024, a single DNS attack on Squarespace put 228 DeFi protocol websites at risk, including Compound and Celer Network.

Aerodrome Finance,a decentralized exchange (DEX) on Coinbase’s Base network, lost over $1 million in a November 2025 DNS hijack. OpenEden disclosed a DNS compromise on February 16, 2026. Curvance detected and blocked a front-end attack on the same day.

Every one of these attacks exploited the gap between decentralized smart contracts and the centralized web infrastructure that users actually touch: DNS records, content delivery network (CDN) scripts, and Cloudflare configurations.

Although Scrapling is too new to boast of any crypto hacks to date, there might be victims in coming days, unfortunately. Its primary intention is to scrape and download content, not hack Defi, of course. Hopefully, developers and OpenClaw users use it for its legal and intended purposes.

Scrapling lowers the Cloudflare shield

The traditional defense model assumed that bot detection, fingerprinting, and Cloudflare’s Turnstile challenges could keep automated traffic out. Scrapling breaks some of those assumptions through AI.

Its developer describes, in language probably only developers understand, about packaging TLS fingerprint spoofing, headless detection avoidance, Canvas noise generation, and WebRTC leak mitigation into a composable library. 

A third party analysis noted that the core breakthrough “wasn’t a single new trick.” Instead, it was the combination of multiple AI skills to trick cybersecurity services.

Cloudflare’s own documentation warns developers to “never trust client-side validation alone.” Unfortunately, many DeFi frontends treat Cloudflare challenge widgets as sufficient, leaving backdoors open to tools that can fake a passed challenge on the client side.

The crypto industry spent five years and hundreds of millions in user losses learning that Cloudflare is a speed bump, not a wall. Scrapling just used AI to hop over again.

Got a tip? Send us an email securely via Protos Leaks. For more informed news, follow us on X, Bluesky, and Google News, or subscribe to our YouTube channel.