DeFi’s latest hack resurgence has a new ingredient. Immunefi CEO Mitchell Amador blames the spread of “frontier” AI models, calling them the main catalyst behind the uptick in attacks.
In an interview framed around crypto security, Amador’s core claim is simple. New AI models are not just changing how people build. They are changing how attackers find and exploit weaknesses. Cointelegraph reports this as the driver behind a “vulnerability apocalypse” narrative in the DeFi security cycle.
Why AI shows up in security incidents
“Frontier” AI models can widen the attacker toolbox even when the target is still a smart contract. The practical risk comes from acceleration and scaling. Faster experimentation means more attempts at probing systems. More probing means more chances to stumble into misconfigurations, broken assumptions, or logic gaps.
DeFi is already optimized for speed. Funds move by code, not by paperwork. When new tooling helps people test code and workflows quickly, it also helps criminals test for failure faster. That is the mechanism Immunefi’s CEO is pointing at when he links the model boom to the hack boom.
The incentive problem DeFi can’t fully firewall
Even without new tech, DeFi sits on a permanent stress test. Liquidity incentives pull value toward new markets. Integrations pull protocols into shared dependency chains. Oracles, keepers, routers, and vaults add moving parts.
Add fast iteration on top of that. Attackers do not need a perfect exploit on their first try. They need enough openings to find something profitable before defenders patch and roll back.
This is why the security conversation keeps drifting back to workflow risks, not just contract math. In Cointelegraph’s framing, “frontier” AI models function as a catalyst for the next wave of vulnerability discovery and exploitation, which tends to surface the same underlying weakness. DeFi cannot fully insulate itself from the reality that codebases get updated, integrated, and extended under time pressure.
What “vulnerability apocalypse” implies for teams
Amador’s comment is not a claim that AI instantly creates bugs. It is a warning that the discovery and exploitation curve can steepen when new tooling spreads.
For teams, the consequence is unglamorous but real. Security programs need to assume that more vulnerabilities will be found sooner, not later. They also need to treat monitoring and incident readiness as part of the system design, because “fixed in time” is not the only goal.
Where this leaves the Defi security posture
Cointelegraph’s report ties the resurgence in DeFi hacks directly to the proliferation of frontier AI models, with Immunefi CEO Mitchell Amador naming them as the main catalyst. That statement sets the lens for how defenders should interpret the next incidents. If attackers can iterate and test more efficiently, then the baseline expectation shifts.
DeFi will still rely on audits, bug bounties, and testing. But the story Amador is telling is about tempo. The tempo may be getting faster because the underlying tools are improving.
| Claim | Source | What it means for DeFi security |
|---|---|---|
| Proliferation of new frontier AI models is the main catalyst behind the latest resurgence in DeFi hacks | Cointelegraph citing Immunefi CEO Mitchell Amador | AI tools may accelerate vulnerability discovery and exploitation |
| “Vulnerability apocalypse” framing for crypto security | Cointelegraph | Security incidents may rise as the vulnerability discovery curve steepens |
The next step for the ecosystem is less about chasing AI headlines and more about tightening the boring parts that determine how quickly an exploit becomes a loss. If Amador is right about the catalyst, speed and readiness matter as much as correctness.