Dragonfly managing partner Haseeb Qureshi said annualized losses from DeFi hacks in 2026 remain below 2025 levels and within the historical range, brushing off fears of an AI-driven "hackpocalypse."
The headline aggregate masks a more interesting split: incident counts are up, but the median loss per hack keeps falling. Qureshi frames that as attackers drifting toward smaller or abandoned protocols, where defenses are thinner and payoff per exploit is lower. Losses from admin-key and multisig compromises have also declined, while larger protocols look more resilient after tightening their posture against AI-enabled attack tooling.
Why it matters
The narrative around DeFi security has skewed toward existential risk from AI-augmented attackers for two years. Qureshi's read is that the structural defenses, audits, bug bounties, and timelocks on the protocols holding the most TVL, are doing their job, and that the marginal cost of attacking hardened code has pushed adversaries down the stack. The "hackpocalypse" framing, in his telling, conflates frequency with severity.
Market impact
For investors and builders, the implication is that capital concentration in battle-tested protocols is not the liability it was 24 months ago. The flip side: long-tail protocols, forks, and unaudited deployments remain the soft underbelly, and that is where the elevated incident count is being absorbed.
Frequently asked questions
-
What does this mean for where capital sits in DeFi?
Concentration in battle-tested, high-TVL protocols looks less risky than it did 24 months ago, while the long tail of forks, unaudited deployments, and abandoned code remains the soft underbelly.
WuBlockchain