AI-Linked Hacks Drain $5M from Legacy DeFi Projects This Week
BitNewsBot -
  • Three DeFi projects lost around $5 million in hacking incidents within a week.
  • All affected projects are legacy platforms with expired or unmaintained contracts.
  • Aevo (formerly Ribbon Finance) faced a $2.7 million oracle manipulation attack on old vaults, with a reversed reimbursement plan.
  • Rari Capital was hacked for $2 million through contract hijacking, weeks after ceasing operations.
  • Experts suggest an AI-assisted focus on outdated contracts is increasing such hacking risks.

Last week, three decentralized finance (DeFi) platforms suffered cyberattacks targeting their outdated contracts, resulting in a combined loss of nearly $5 million. These breaches affected projects no longer maintained or active and appear to exploit legacy smart contracts.


The first incident involved Aevo, previously known as Ribbon Finance, which reported a $2.7 million loss due to oracle manipulation on its old DOV vaults last Friday. The team initially announced a plan to cover part of the loss using $400,000 of company funds plus assets from inactive users. However, they later withdrew this plan and confirmed affected users would lose their entire holdings. The project reassured current Aevo users that they were not impacted.

On December 10, the defunct Rari Capital was hacked for about $2 million through what appears to be a contract “hijacking,” allowing the attacker to borrow assets without collateral. The attack was discovered a week later. Although Rari Capital stopped operations following previous hacks totaling $95 million in 2021 and 2022, its contracts still held approximately $2.7 million according to DeFiLlama data. The project also reached a regulatory settlement with the SEC in September 2024 concerning unregistered securities activities.

On Tuesday, a five-year-old contract from iEarn Finance, the precursor to Yearn Finance, lost roughly $250,000 due to a vulnerability caused by a misconfigured adapter that triggered a cascade of failures across multiple DeFi platforms. Banteg, a pseudonymous developer at Yearn, explained that the attack affected an immutable TUSD contract deployed over 2,100 days ago and is unrelated to current Yearn vaults. This exploit mirrored a similar attack in 2023 that resulted in $11 million lost. Yearn has a history of hacks, including an $11 million loss in 2021 and an operational loss of $1.4 million in 2023 due to slippage issues. Additional recent malfunctions have been disclosed and covered by the Yearn team.

The attacks on these inactive or abandoned projects have raised concerns about a possible targeted effort to exploit legacy contracts. A security expert and former Yearn developer known as storm0x suggested on X (formerly Twitter) that new hacking methods possibly aided by large language models (LLMs) or AI tools might be at work, specifically on deprecated DeFi contracts. They advise users to exit such older contracts promptly.


Another observer supports this view, warning that AI-assisted attacks could pose increasing danger to DeFi development by lowering the barrier to creating new exploits and attack strategies. Autonomous AI hacking may also become a threat. For instance, a recent study by Anthropic showed AI agents exploiting $4.5 million across 405 contracts and discovering zero-day vulnerabilities in thousands more with no known issues.

These events highlight vulnerabilities in older, unsupported DeFi projects and the evolving nature of cyber threats enhanced by artificial intelligence.
