Two North Korea-linked cybercrime-related hacks in April, which drained almost $600 million from DeFi protocols Drift Protocol ($285 million) and Kelp DAO ($292 million), were attributed to two North Korean-linked hackers who used AI to select targets and design exploits. The attacks, which came just over two weeks apart, were devastating for the platform itself and triggered $9 billion in outflows from Aave, the largest decentralised lending protocol. The heists, which netted nearly $600m, accounted for 76% of all crypto hack losses in 2026 so far. Both attacks are widely attributed to North Korea linked groups. The sophistication of the heists suggests that the attackers used artificial intelligence to select their targets, making them highly likely to use this method. The rise in DeFi exploits is seen as a sign that attackers are using widely available AI models to deploy widely available models. Cybersecurity experts believe that the cost of vulnerability detection is decreasing due to the increasingly sophisticated use of these models.