AI Is Making Crypto Hacks Cheaper Than Ever And Kelp DAO Just Proved It

Markets 2026-04-19 13:55

AI Is Making Crypto Hacks Cheaper Than Ever And Kelp DAO Just Proved It

Ten years ago, a crypto exploit required a rare set of skills.

You needed deep Solidity instincts, a working knowledge of bridge architecture and enough patience to trace months of on-chain activity. In 2026, a frontier language model can do the first two in an afternoon and a motivated attacker can buy the third.

The $292 million Kelp DAO drain this weekend is the latest reminder that the economics of attacking crypto have changed, and the defenders are still catching up.

The Kelp DAO Hack Was Just The Warning Shot

The Kelp exploit is not the story on its own.

The story is the shape of it. An attacker identified a narrow validation gap in how Kelp's LayerZero bridge handled cross-chain messages, forged a packet, extracted 116,500 rsETH and then moved the proceeds into Aave (AAVE) V3 to borrow against them.

The whole sequence played out in under an hour. The skill curve that separates a novice from the attacker who pulled this off used to take years to climb. Today, a capable model running inside a security research harness can surface that class of bug within a single testing session.

How AI Is Collapsing The Cost Of A Crypto Exploit

Charles Guillemet, Ledger's chief technology officer, put the trend in plain numbers earlier this month. Crypto lost roughly $1.4 billion to hacks and exploits over the past year, and he expects the figure to rise as AI tooling gets cheaper.

The reason is not mystical. Offensive tooling has always been one of the fastest adopters of new technology. A large language model that can read Solidity, simulate edge cases and generate working exploit code shrinks the preparation phase of an attack from weeks to hours. Pair it with agentic automation and a single attacker can probe dozens of protocols in parallel.

On the trading side the asymmetry is even more stark.

AI-powered trading bots reportedly account for 58% of crypto market volume in early 2026. That means the counterparty on the other side of most human trades is already a machine, which quietly changes what a "normal" market looks like and makes any honeypot or spoofing attack substantially more lucrative.

Also Read: Why Does An Oil Lane 7,000 Miles Away Control The Bitcoin Price

The Hidden LLM Router Problem Draining Wallets

CoinDesk's researchers flagged a second, quieter attack vector earlier this month that most users have never heard of. LLM routers are the services that sit between a consumer application and the actual model doing the work.

They pick which model handles which request and log the outputs. Researchers documented 26 routers secretly injecting malicious tool calls into agent flows, and one case drained $500,000 from a single client wallet. The attack requires no smart contract bug at all. The router just rewrites what the agent is told to do.

That matters because the new generation of agent wallets, including Coinbase's Agentic Wallets and Supra's Life OS, rely on trusted routing for almost every meaningful action. A compromised router can turn a helpful shopping agent into a quiet drain. Users never see the substitution because the agent obediently reports that the action succeeded.

What Ledger, Anthropic And Coinbase Are Building To Fight Back

The defensive response is forming on three layers. Ledger is pushing the problem down to hardware. The company announced a new AI-focused security suite that keeps signing authority on a physical device and forces every agent action through a human-readable prompt before any transaction is broadcast.

Anthropic spent part of April running red-team exercises on the agent-to-exchange surface, with its researchers warning that the real AI risk is not models going rogue but models being quietly manipulated at the exchange API layer.

Coinbase baked programmable spending caps, session limits and guardrailed tool libraries directly into its Agentic Wallets product, with private keys kept inside Coinbase infrastructure rather than handed to the agent. None of this is a silver bullet.

Hardware signing assumes the user reads the prompt. Red-team exercises only catch the attacks you already thought of. And Coinbase's guardrails only help if the agent is actually running through Coinbase's stack. The honest summary is that 2026 is the year the crypto industry stops pretending AI is just a product category and starts treating it as a threat model.

The Kelp DAO drain will be investigated and the funds might partially come back.

The question Monday's open raises is whether the other LayerZero-secured bridges in DeFi have already been probed by an AI-assisted attacker and just haven't fired yet. Every protocol running cross-chain messaging is on that list.

Read Next: Strategy Stock Jumps 12% As Bitcoin Rockets Past $77,000

Share to:

This content is for informational purposes only and does not constitute investment advice.

ChainGPT News ChainGPT ENS News ENS Price ZIGChain News
Recommended Reading
2026-04-19 13:55
AI Is Making Crypto Hacks Cheaper Than Ever And Kelp DAO Just Proved It
2026-04-19 08:18
Every DeFi Trader Is Watching This Kelp $292M DAO Exploit — Here's Why It Changes Lending
2026-04-19 06:00
Why Does An Oil Lane 7,000 Miles Away Control The Bitcoin Price
2026-04-18 17:35
Red Flags for XRP Holders: Security Bugs and No Quantum Plan – BMIC Offers Real Protection
2026-04-18 16:02
How Claude Mythos Could Reshape Finance And Crypto Industry
2026-04-18 15:48
Mastercard Pilots Ripple's RLUSD For Card Settlement With Gemini

Popular Articles

Curated Series

SuperEx Popular Science Articles Column

SuperEx Popular Science Articles Column

This collection features informative articles about SuperEx, aiming to simplify complex cryptocurrency concepts for a wider audience. It covers the basics of trading, blockchain technology, and the features of the SuperEx platform. Through easy-to-understand content, it helps users navigate the world of digital assets with confidence and clarity.
Unstaked related news and market dynamics research

Unstaked related news and market dynamics research

Unstaked (UNSD) is a blockchain platform integrating AI agents for automated community engagement and social media interactions. Its native token supports governance, staking, and ecosystem features. This special feature explores Unstaked’s market updates, token dynamics, and platform development.
XRP News and Research

XRP News and Research

This series focuses on XRP, covering the latest news, market dynamics, and in-depth research. Featured analysis includes price trends, regulatory developments, and ecosystem growth, providing a clear overview of XRP's position and potential in the cryptocurrency market.
How do beginners trade options?How does option trading work?

How do beginners trade options?How does option trading work?

This special feature introduces the fundamentals of options trading for beginners, explaining how options work, their main types, and the mechanics behind trading them. It also explores key strategies, potential risks, and practical tips, helping readers build a clear foundation to approach the options market with confidence.

What are the risks of investing in cryptocurrency?

What are the risks of investing in cryptocurrency?

This special feature covers the risks of investing in cryptocurrency, explaining common challenges such as market volatility, security vulnerabilities, regulatory uncertainties, and potential scams. It also provides analysis of risk management strategies and mitigation techniques, helping readers gain a clear understanding of how to navigate the crypto market safely.