A Chainalysis report reveals that attackers have stolen at least $36.7 million from unverified smart contracts in the past six months. Protocols such as Truebit, Trusted Volumes, Aperture Finance, and Ekubo have been targeted due to their unverified source code. Attackers exploit vulnerabilities by decompiling raw bytecode, a process increasingly aided by AI tools that identify vulnerability patterns at scale.
The report highlights that unverified contracts lack community scrutiny and are often not included in bug bounty programs, making them attractive targets. The decreasing barrier to AI-assisted decompilation and vulnerability analysis allows attackers to systematically scan thousands of unverified contracts. Chainalysis recommends that protocols verify all contract code, audit deployed contracts, expand bug bounty programs, and implement real-time on-chain monitoring to enhance security.
Unverified Smart Contracts Face $36.7 Million in Thefts Over Six Months
Disclaimer: The content provided on Phemex News is for informational purposes only. We do not guarantee the quality, accuracy, or completeness of the information sourced from third-party articles. The content on this page does not constitute financial or investment advice. We strongly encourage you to conduct you own research and consult with a qualified financial advisor before making any investment decisions.