Исследователи предупреждают, что искусственный интеллект сокращает срок актуальности аудитов
Blockchain security experts are urging crypto protocols to reaudit their smart contracts as AI tooling is making it easier for hackers to identify vulnerabilities more quickly than ever
09.07.2026 05:47 UTCCointelegraphРедакция RedBTC3 мин чтенияОдин основной источник
Иллюстрация к материалу: Искусственный интеллект
Коротко
“Our data argues for continuous review rather than a one-time audit,” TRM Labs head of policy Ari Redbord told Cointelegraph, adding that “attack techniques are moving faster than a single audit from launch day can account for.” CertiK reported Monday that hackers stole another $1.32 billion in the first half of 2026 and have adopted increasingly sophisticated strategies in response to strengthened security measures across the industry.
One of those strategies has been to revisit old codebases, CertiK said, adding that the attacker’s efforts have likely been “aided by improved automated tooling for identifying latent vulnerabilities at scale.” One of the most recent incidents involved privacy-focused blockchain Zcash, where Shielded Labs security engineer Taylor Hornby found a major security vulnerability using a custom auditing agent powered by Anthropic’s Claude Opus 4.8.
The security vulnerability, which existed for four years, could have enabled undetectable counterfeiting inside the Orchard shielded pool, one of the network’s key privacy features.
“The window of maximum vulnerability does not close after launch,” CertiK warned.
“Projects operating legacy infrastructure should treat reauditing as a recurring operational requirement rather than a one-time exercise conducted at deployment.” In December, Anthropic conducted a study finding that AI agents found $4.6 million worth of exploitable vulnerabilities in smart contracts.
Что произошло
Blockchain security experts are urging crypto protocols to reaudit their smart contracts as AI tooling is making it easier for hackers to identify vulnerabilities more quickly than ever before.
Основные детали
“Our data argues for continuous review rather than a one-time audit,” TRM Labs head of policy Ari Redbord told Cointelegraph, adding that “attack techniques are moving faster than a single audit from launch day can account for.” CertiK reported Monday that hackers stole another $1.32 billion in the first half of 2026 and have adopted increasingly sophisticated strategies in response to strengthened security measures across the industry.
One of those strategies has been to revisit old codebases, CertiK said, adding that the attacker’s efforts have likely been “aided by improved automated tooling for identifying latent vulnerabilities at scale.” One of the most recent incidents involved privacy-focused blockchain Zcash, where Shielded Labs security engineer Taylor Hornby found a major security vulnerability using a custom auditing agent powered by Anthropic’s Claude Opus 4.8.
Почему это важно
The security vulnerability, which existed for four years, could have enabled undetectable counterfeiting inside the Orchard shielded pool, one of the network’s key privacy features.
Контекст
“The window of maximum vulnerability does not close after launch,” CertiK warned.
“Projects operating legacy infrastructure should treat reauditing as a recurring operational requirement rather than a one-time exercise conducted at deployment.” In December, Anthropic conducted a study finding that AI agents found $4.6 million worth of exploitable vulnerabilities in smart contracts.
Meanwhile, there is more than $72.3 billion worth of crypto locked across hundreds of DeFi protocols, giving hackers plenty of incentive to exploit vulnerable smart contracts.
On June 14, hackers exploited a smart contract vulnerability to steal $2.1 million from the Aztec Connect, which had been shut down since March 2023.