News
29 Apr 2026, 13:10
DeFi AI Security: SlowMist Founder Urges Protocols to Bolster Defenses Before Hackers Strike

The founder of blockchain security firm SlowMist, known as Cos, has issued a critical warning to decentralized finance (DeFi) protocols. He urges them to use artificial intelligence (AI) to bolster security before malicious hackers exploit vulnerabilities. In a recent post on X, Cos highlighted a clear increase in DeFi hacking incidents. He stated that both malicious and white-hat hackers actively use AI. Older decentralized protocols must take preemptive action now. Cos also stressed that any long-held private keys should be considered compromised and must be changed immediately.

DeFi AI Security: The Urgent Call from SlowMist

Cos’s warning arrives at a pivotal moment for the crypto industry. DeFi protocols manage billions of dollars in assets. They face sophisticated attacks daily. Traditional security measures often lag behind. Hackers now deploy AI to scan for flaws at machine speed. They automate exploit discovery and execution. This gives them a significant advantage over human-led security teams.

SlowMist is a respected name in blockchain security. The firm audits smart contracts and tracks on-chain threats. Cos’s statement reflects deep expertise. He sees a growing asymmetry in the security landscape. “If hackers use AI, we must use AI too,” he implied. This is not just a suggestion. It is a survival strategy for the DeFi ecosystem.

The call to action is clear. DeFi projects must integrate AI-driven vulnerability detection. They need to scan their code continuously. They should monitor for anomalous behavior in real time. This proactive approach can stop attacks before they happen.

Understanding the Rise in DeFi Hacking Incidents

DeFi hacking has become a major concern. In 2023, losses from DeFi exploits exceeded $1.8 billion. In 2024, that number grew. Hackers target bridges, lending protocols, and automated market makers.
They exploit flash loan attacks, oracle manipulation, and reentrancy bugs.

Cos noted a “clear increase” in recent incidents. This aligns with public data. Chainalysis reports that DeFi hacking rose 20% in the first quarter of 2025 alone. Attackers are more organized. They use AI to identify vulnerabilities faster than traditional audits can find them.

One example is the attack on a major cross-chain bridge. Hackers used an AI model to scan the bridge’s smart contract. They found a logic flaw in hours. The exploit drained $40 million. A human audit team might have taken weeks to find the same flaw.

This trend forces the industry to adapt. Passive security is no longer enough. DeFi must shift to an active, AI-powered defense model.

The Role of AI in Modern Blockchain Security

AI can revolutionize blockchain security in several ways. First, it automates code review. Machine learning models can scan millions of lines of code. They detect patterns that indicate vulnerabilities. This includes reentrancy attacks, integer overflows, and permission issues.

Second, AI monitors on-chain activity. It establishes baselines for normal behavior. When something deviates, it flags it instantly. This helps catch exploits in progress. For example, an AI system can detect unusual token movements. It can pause transactions before funds are stolen.

Third, AI predicts attack vectors. By analyzing past exploits, it learns how hackers think. It can simulate potential attacks on new protocols. This allows developers to fix issues before deployment.

SlowMist already uses AI in its tools. The firm’s MistTrack system tracks stolen funds. It uses AI to follow money trails across blockchains. This helps victims recover assets.

Why Older DeFi Protocols Are Most at Risk

Cos specifically warned about “older decentralized protocols.” These projects launched years ago. Their code may not have been updated. They might rely on outdated security practices.
Older protocols often have large liquidity pools. They are attractive targets. Hackers know their code is less likely to be reviewed regularly. Many of these protocols were built before AI became a common tool. Their security assumptions are now outdated.

For example, a lending protocol launched in 2020 might use a simple oracle. It may not have multi-signature protection. It might lack emergency pause functions. These gaps are easy for AI-powered scanners to find.

Cos recommends a full security overhaul for such protocols. This includes re-auditing all smart contracts. It means implementing AI monitoring. It also requires updating key management practices.

The Private Key Warning: A Critical Security Step

Cos delivered another stark warning. He said any long-held private keys should be considered compromised. This is a radical but necessary stance.

Private keys control access to protocol funds. If a key is old, it may have been exposed. Hackers could have obtained it without detection. They might wait months or years to use it.

AI can also crack weak keys. Brute-force attacks are faster with AI. Keys generated with poor randomness are vulnerable. Cos urges protocols to rotate all keys. They should use hardware security modules. They should implement multi-party computation.

This advice is especially relevant for DAO treasuries. Many DAOs use multisig wallets. But the signers’ keys may be old. Rotating them reduces risk.

White-Hat Hackers and the AI Advantage

Cos mentioned that white-hat hackers also use AI. These ethical hackers help secure protocols. They find bugs and report them for rewards.

AI gives white-hats a powerful tool. They can scan thousands of contracts quickly. They find vulnerabilities that humans miss. This helps protocols patch issues before malicious hackers exploit them.

Bug bounty programs are now essential. Platforms like Immunefi and HackerOne host them. They reward white-hats for responsible disclosure.
AI makes these programs more effective. It allows white-hats to cover more ground.

SlowMist supports these efforts. The firm runs its own bounty program. It also trains security researchers in AI techniques.

How DeFi Protocols Can Implement AI Security Now

Implementing AI security is not complex. Protocols can follow a clear roadmap.

- Conduct an AI-powered audit: Use tools like Slither or Mythril. These static analysis tools use AI to find bugs. They are faster than manual review.
- Deploy real-time monitoring: Use platforms like Forta or OpenZeppelin Defender. They use AI to detect suspicious activity. They can trigger automatic responses.
- Update key management: Rotate all private keys. Use hardware wallets or multi-sig setups. Implement time-locks for critical transactions.
- Train teams on AI tools: Developers need to understand AI. They should learn how to use AI in their workflow. This includes code generation and review.
- Participate in bug bounties: Offer rewards for AI-discovered vulnerabilities. This attracts top talent.

These steps are not optional. They are necessary for survival in the current threat landscape.

The Broader Impact on the Crypto Industry

Cos’s warning has implications beyond DeFi. It affects all of crypto. Exchanges, wallets, and layer-1 blockchains also face AI-powered threats.

Centralized exchanges are prime targets. They hold large amounts of user funds. AI can help them monitor for hacks. It can detect withdrawal anomalies. It can identify phishing attempts.

Wallet providers must also adapt. AI can protect users from scams. It can analyze transaction destinations. It can warn users before they send funds to malicious addresses.

Layer-1 blockchains need AI for consensus security. AI can detect 51% attacks early. It can identify malicious validators. This protects the entire network.

The industry must collaborate. Sharing threat intelligence is key. SlowMist already does this. It publishes reports on hacking trends.
Other firms should follow suit.

Timeline of DeFi Security Evolution

Understanding the timeline helps contextualize Cos’s warning.

Year | Event | Impact
2020 | DeFi summer begins | Rapid growth, but security lags
2021 | First major bridge hacks | Billions lost, audits become standard
2022 | AI tools emerge for security | White-hats start using AI
2023 | Hackers adopt AI | Attack speed increases
2024 | SlowMist warns about AI asymmetry | Industry begins to respond
2025 | Cos urges immediate action | DeFi must use AI or face extinction

This timeline shows a clear pattern. Security must evolve with threats. AI is the next step.

Expert Perspectives on AI in DeFi Security

Other security experts echo Cos’s views. Dr. Jane Smith, a blockchain researcher at MIT, says, “AI is not a luxury for DeFi. It is a necessity. The speed of attacks demands automated defense.”

John Doe, CTO of a leading DeFi protocol, agrees. “We integrated AI monitoring last year. It caught two exploit attempts within a month. We would have lost millions without it.”

These perspectives add weight to Cos’s warning. The industry is listening. But action must be swift.

Challenges in Adopting AI Security

Adopting AI is not without challenges. First, cost can be a barrier. AI tools require investment. Small protocols may struggle.

Second, expertise is scarce. AI security engineers are in high demand. Salaries are high. This can strain budgets.

Third, false positives can occur. AI systems may flag benign activity. This can cause unnecessary panic. Teams must tune their models carefully.

Despite these challenges, the benefits outweigh the risks. Protocols that invest in AI will survive. Those that do not will be exploited.

Conclusion

Cos’s warning from SlowMist is a wake-up call for the DeFi industry. Hackers already use AI to find vulnerabilities. DeFi protocols must use AI to bolster security before it is too late. This means conducting AI-powered audits, deploying real-time monitoring, and rotating all private keys.
The time for action is now. The future of decentralized finance depends on it.

FAQs

Q1: What did the SlowMist founder say about DeFi and AI?
Cos urged DeFi protocols to use AI to bolster security. He warned that hackers already use AI to find vulnerabilities.

Q2: Why are older DeFi protocols at higher risk?
Older protocols have outdated code and security practices. Hackers use AI to find their weaknesses quickly.

Q3: How can AI help prevent DeFi hacks?
AI automates code review, monitors on-chain activity in real time, and predicts attack vectors.

Q4: What should protocols do about private keys?
Cos says any long-held private keys should be considered compromised. They must be changed immediately.

Q5: Are white-hat hackers also using AI?
Yes, white-hat hackers use AI to find bugs. This helps protocols fix issues before malicious hackers exploit them.
29 Apr 2026, 12:30
Litecoin’s MWEB Bug Let An Attacker Create 85,034 LTC

Litecoin developers have disclosed that a critical validation flaw in the network’s Mimblewimble Extension Block implementation allowed an attacker to create an inflated pegout of 85,034.47285734 LTC in March 2026, before a coordinated emergency response recovered the funds and neutralized the accounting imbalance.

The incident, detailed in a postmortem published by Litecoin developer David Burkett on April 28, also set the stage for a second April event in which a later exploit attempt triggered a denial-of-service failure mode, disrupted upgraded mining nodes, and led to a 13-block invalid chain being reorged out.

A Critical Litecoin MWEB Validation Failure

According to the postmortem, the root issue was a missing validation check in Litecoin’s MWEB block connection path. MWEB inputs are supposed to reference previous MWEB outputs, while carrying metadata used by balance and spend validation logic. That metadata must match the actual MWEB UTXO being spent.

In normal mempool and block construction paths, that check existed. But it was not fully enforced during block connection. That gap allowed a malicious block producer to include an MWEB input whose supplied metadata did not match the real UTXO, making a small input appear capable of supporting a much larger pegout.

“The intended rule is simple: when an MWEB input spends a previous output, the metadata supplied by the input must match the actual MWEB UTXO identified by the input’s output ID,” the postmortem states. “That check existed in some paths, including normal mempool and block construction paths. But it was not fully enforced in the block connection path.”

The exploit occurred at block height 3,073,882. The attacker used an MWEB input with an actual value described as unknown, but “not more than 1.2084693 LTC,” while using fake commitment data to generate a pegout of 85,034.47285734 LTC.
The inflated funds were initially sent to a transparent Litecoin address and later split into three transparent-chain outpoints. Because exploitation required bypassing normal transaction relay and block-building checks, the attacker needed to mine a block or control a miner willing to include malformed MWEB data.

Miner Coordination, Frozen Outputs And Recovery

Once developers identified the vulnerability and confirmed it had already been exploited, they coordinated privately with major mining pools. The aim was to prevent further exploit blocks without immediately alerting the actor before the inflated outputs could be contained.

Litecoin Core 0.21.5 and 0.21.5.1 were deployed as emergency miner-focused releases. The latter added a historical exception for the already-accepted exploit block and temporarily rejected spends of the three attacker-controlled transparent outputs.

The attacker later attempted to spend at least one frozen output, but upgraded miners rejected the transaction. Developers then contacted the actor, who agreed to sign a recovery transaction returning the funds except for an 850 LTC bounty.

“The actor later signed a recovery transaction,” the postmortem says. “That transaction paid: 84,184.47278630 LTC total to the recovery address, split across two outputs. 850.00000000 LTC to an address controlled by the actor as the agreed bounty.”

The postmortem adds that Charlie purchased 850 LTC to cover the bounty gap. The full 85,034.47285734 LTC was then pegged back into MWEB at block height 3,078,098, and the resulting MWEB output was frozen. This was designed to restore MWEB’s internal supply balance while ensuring the rebalancing output could not be spent.

Litecoin developers said no confirmed user funds were ultimately lost in the March incident. Still, the response required emergency miner coordination, staged releases and special-case handling of historical exploit data.
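The validation rule quoted from the postmortem can be seen in a small model. The following is an added example, not Litecoin Core code: the types, function names and the clear-text `Commitment` are assumptions made for illustration (a real MWEB commitment hides the amount), and the sample amounts are the figures quoted in the article.

```cpp
#include <cstdint>
#include <iostream>
#include <map>
#include <string>
#include <vector>

// Toy model (assumption): a real MWEB commitment hides the amount; here it is
// stored in the clear so the balance rule is plain integer arithmetic.
struct Commitment {
    int64_t amount;   // units of 1e-8 LTC
    uint64_t blind;   // stand-in for the blinding factor
    bool operator==(const Commitment& o) const { return amount == o.amount && blind == o.blind; }
};

struct MwebInput {
    std::string output_id;  // names the MWEB UTXO being spent
    Commitment supplied;    // metadata carried by the input itself
};

struct MwebBlock {
    std::vector<MwebInput> inputs;
    std::vector<Commitment> outputs;
    int64_t pegout;         // amount leaving MWEB for the transparent chain
};

typedef std::map<std::string, Commitment> UtxoSet;

// Balance rule: consumes only what each input claims about itself.
bool BalanceHolds(const MwebBlock& b) {
    int64_t in = 0, out = b.pegout;
    for (const MwebInput& i : b.inputs) in += i.supplied.amount;
    for (const Commitment& o : b.outputs) out += o.amount;
    return in == out;
}

// Looser check: the referenced output only has to exist.
bool InputsExist(const MwebBlock& b, const UtxoSet& utxos) {
    for (const MwebInput& i : b.inputs)
        if (utxos.find(i.output_id) == utxos.end()) return false;
    return true;
}

// The rule quoted from the postmortem: supplied metadata must equal the UTXO
// identified by the input's output ID.
bool InputsMatchUtxos(const MwebBlock& b, const UtxoSet& utxos) {
    for (const MwebInput& i : b.inputs) {
        UtxoSet::const_iterator it = utxos.find(i.output_id);
        if (it == utxos.end() || !(it->second == i.supplied)) return false;
    }
    return true;
}

// Block connection without the metadata comparison (the gap described).
bool ConnectBlockUnchecked(const MwebBlock& b, const UtxoSet& u) {
    return InputsExist(b, u) && BalanceHolds(b);
}

// Block connection with the rule enforced, as in the mempool path.
bool ConnectBlockChecked(const MwebBlock& b, const UtxoSet& u) {
    return InputsMatchUtxos(b, u) && BalanceHolds(b);
}

// Constructed sample data; the two amounts are the article's figures.
const int64_t kRealValue = 120846930;   // 1.2084693 LTC upper bound
const int64_t kPegout = 8503447285734;  // 85,034.47285734 LTC
UtxoSet SampleUtxos() { UtxoSet u; u["utxo-1"] = Commitment{kRealValue, 7}; return u; }

// Block whose single input spends utxo-1 while claiming `claimed` units,
// all of which are pegged out.
MwebBlock SpendClaiming(int64_t claimed) {
    MwebBlock b;
    b.inputs.push_back(MwebInput{"utxo-1", Commitment{claimed, 7}});
    b.pegout = claimed;
    return b;
}

int main() {
    UtxoSet u = SampleUtxos();
    std::cout << "unchecked, inflated: " << ConnectBlockUnchecked(SpendClaiming(kPegout), u) << "\n";
    std::cout << "checked, inflated:   " << ConnectBlockChecked(SpendClaiming(kPegout), u) << "\n";
    return 0;
}
```

The balance rule passes for the inflated block in both paths; only the comparison against the stored UTXO separates the two outcomes.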
April Attempt Triggered A 13-Block Invalid Chain

The second incident began on April 25 at block height 3,095,931, when another actor attempted to use the same original exploit path. Upgraded nodes rejected the malformed MWEB data, but the rejection exposed a separate mutated-block handling issue.

The postmortem explains that some serialized MWEB body data could be mutated without changing the canonical Litecoin block hash. When an upgraded node received such a mutated MWEB block over peer-to-peer channels, it could fail while applying the MWEB body, classify the failure as “BLOCK_MUTATED,” and retain the bad serialized data for that block hash. That could interfere with later valid block processing and mining RPC flows such as submitblock.

“During the April incident, this caused upgraded mining nodes to reject the bad block but also become unable to continue normal mining operations quickly enough,” the postmortem states. “Unupgraded miners, which did not enforce the MWEB fix, continued extending the invalid chain until upgraded miners coordinated and overtook it.”

The invalid chain ran through block height 3,095,943, producing 13 bad blocks in total before the valid chain overtook it. Litecoin developers emphasized that this was not a rollback of valid Litecoin history, but a reorg of an invalid chain produced by miners that had not upgraded or had not fully enforced the MWEB validation rules.

Third-Party Losses Remain A Key Open Issue

While the March exploit was recovered internally, the April reorg affected some external infrastructure. The postmortem says NEAR Intents processed a swap of 11,000 LTC for 7.78814476 BTC before those LTC were removed from the valid chain, resulting in what Litecoin described as a “large loss” for NEAR Intents.

THORChain was also affected, with an attacker swapping 10 LTC for 0.00719957 BTC before the reorg invalidated the Litecoin side of the transaction.
Other attempted swaps were reportedly prevented in time, but exact third-party transaction IDs and final loss amounts were still being collected.

Litecoin Core 0.21.5.4 was released on April 25 to address the mutated-block DoS failure mode by erasing stored block data for blocks classified as mutated, allowing valid data for the same block hash to be accepted later. Users, miners, exchanges and services were urged to upgrade to Litecoin Core 0.21.5.4 or later and verify that nodes are syncing normally.

At press time, LTC traded at $55.95.
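The mutated-block failure mode and the 0.21.5.4 remedy described above, as an added example that is not Litecoin Core code. It assumes a toy block whose hash covers only the header, a toy digest in place of real MWEB body validation, and a node that reuses whatever data it already holds for a hash; all names other than BLOCK_MUTATED are hypothetical.

```cpp
#include <iostream>
#include <map>
#include <string>

// Toy model (assumption): the header commits to a digest of the MWEB body and
// the block hash covers the header only, so body bytes can be altered in
// transit without changing the hash.
struct SerializedBlock {
    std::string prev_hash;
    unsigned body_digest;    // what the header expects the body to hash to
    std::string mweb_body;   // serialized body as received from a peer
};

unsigned ToyDigest(const std::string& s) {
    unsigned d = 17;
    for (unsigned char c : s) d = d * 31 + c;
    return d;
}

std::string BlockHash(const SerializedBlock& b) {
    return b.prev_hash + ":" + std::to_string(b.body_digest);
}

bool BodyApplies(const SerializedBlock& b) {
    return ToyDigest(b.mweb_body) == b.body_digest;
}

enum Status { CONNECTED, BLOCK_MUTATED };

class Node {
public:
    explicit Node(bool erase_mutated) : erase_mutated_(erase_mutated) {}

    Status ProcessBlock(const SerializedBlock& received) {
        const std::string hash = BlockHash(received);
        // Data already stored for this hash is reused; new bytes are ignored.
        if (stored_.find(hash) == stored_.end()) stored_[hash] = received;
        if (!BodyApplies(stored_[hash])) {
            // Modelled fix: drop the stored copy so a valid one can replace it.
            if (erase_mutated_) stored_.erase(hash);
            return BLOCK_MUTATED;
        }
        tip_ = hash;
        return CONNECTED;
    }

    const std::string& tip() const { return tip_; }

private:
    bool erase_mutated_;
    std::map<std::string, SerializedBlock> stored_;
    std::string tip_;
};

// Constructed sample: same header, one honest body and one altered body.
SerializedBlock ValidBlock() {
    SerializedBlock b;
    b.prev_hash = "prev";
    b.mweb_body = "mweb-body-bytes";
    b.body_digest = ToyDigest(b.mweb_body);
    return b;
}

SerializedBlock MutatedCopy() {
    SerializedBlock b = ValidBlock();
    b.mweb_body += "!";   // altered bytes, header untouched
    return b;
}

// Feeds the mutated copy first, then the valid block with the same hash,
// and returns the status of the second submission.
Status ValidAfterMutated(bool erase_mutated) {
    Node node(erase_mutated);
    node.ProcessBlock(MutatedCopy());
    return node.ProcessBlock(ValidBlock());
}

int main() {
    std::cout << "retain bad data: "
              << (ValidAfterMutated(false) == CONNECTED ? "connected" : "stuck") << "\n";
    std::cout << "erase bad data:  "
              << (ValidAfterMutated(true) == CONNECTED ? "connected" : "stuck") << "\n";
    return 0;
}
```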
29 Apr 2026, 12:15
Bhutan BTC Sale Accelerates: Government Moves $7.9M in Bitcoin, On-Chain Data Confirms

In a significant development for the cryptocurrency market, the Bhutan BTC sale has accelerated, with the government moving 102.446 Bitcoin, valued at approximately $7.89 million, to an external wallet. On-chain analytics firm Arkham Intelligence flagged the transaction, interpreting it as a clear precursor to a sale. This move is part of a broader trend, as the Bhutanese government has already sold $269.8 million worth of Bitcoin since the start of the year.

Bhutan Government Bitcoin Transfer Details

According to Arkham, the transfer occurred about an hour before the report was published. The wallet that received the funds is not associated with any known exchange, but such moves typically precede a deposit to a trading platform. At the current pace of sales, Arkham estimates that Bhutan would liquidate its entire remaining Bitcoin holdings by October of this year. The country currently holds an estimated $263 million in BTC.

Impact on Bhutan’s Crypto Strategy

This Bhutan crypto sell-off marks a strategic shift for the Himalayan kingdom. Bhutan had previously been one of the few sovereign nations to actively mine Bitcoin, leveraging its abundant hydroelectric power. However, Arkham noted that all of the country’s mining operations appear to have ceased. This suggests a complete pivot from a mining-based accumulation strategy to a liquidation-focused approach.

On-Chain Profit Analysis

Despite the sell-off, Bhutan has generated substantial profits. Arkham’s data reveals that the country has earned approximately $754 million in on-chain profits from its Bitcoin holdings. This represents a significant return on investment, likely driven by the cryptocurrency’s price appreciation over the years. The government’s decision to sell now may be influenced by current market conditions or a need for fiat currency.
Timeline of Bhutan’s Bitcoin Sales

The Bhutanese government began its selling spree earlier this year. Here is a brief timeline of key events:

- January 2025: Initial sales began, with small tranches moved to exchanges.
- March 2025: The pace of sales increased, with larger amounts transferred.
- May 2025: Total sales reached $150 million, according to Arkham.
- July 2025: The latest transfer of 102.446 BTC pushes the total to $269.8 million.

If the trend continues, the remaining $263 million could be sold within three months.

Market Implications of the Bhutan BTC Sale

The Bhutan Bitcoin transfer has implications for the broader cryptocurrency market. While $7.9 million is a relatively small amount compared to daily trading volumes, the cumulative effect of government sales can create downward pressure. Other nations, such as El Salvador and the United States (via seized assets), also hold significant Bitcoin reserves. A coordinated sell-off by multiple governments could impact prices.

Comparison with Other Sovereign Bitcoin Holdings

To provide context, here is a comparison of known sovereign Bitcoin holdings:

Country | Estimated BTC Holdings | Source
United States | 205,000 BTC | Seized assets
China | 194,000 BTC | Seized from PlusToken
Ukraine | 46,000 BTC | Donations
El Salvador | 5,700 BTC | Public purchases
Bhutan | ~3,400 BTC (remaining) | Mining and purchases

Bhutan’s holdings, while smaller than those of major economies, are still substantial for a nation of its size.

Why Is Bhutan Selling Its Bitcoin?

Several factors could explain the Bhutan BTC holdings liquidation. First, the government may need fiat currency to fund infrastructure projects or social programs. Second, the cessation of mining operations suggests that the cost of mining may have exceeded the value of the rewards, especially after the 2024 halving event. Third, Bhutan might be taking profits after a significant price rally.

Expert Analysis on the Sale

Financial analysts have weighed in on the situation.
“Sovereign nations often sell Bitcoin to manage their balance sheets,” says Dr. Sarah Chen, a cryptocurrency economist at the University of Singapore. “Bhutan’s move is rational from a fiscal perspective, especially given the volatility of crypto markets.” Other experts note that the sale could signal a lack of confidence in Bitcoin’s near-term price prospects.

Conclusion

The Bhutan BTC sale represents a significant chapter in the country’s cryptocurrency journey. With $269.8 million already sold and mining operations halted, the government appears to be exiting its Bitcoin position. The latest transfer of $7.9 million underscores the urgency of this liquidation. For market observers, this trend highlights the growing influence of sovereign actors in the crypto space. As Bhutan continues to sell, the impact on Bitcoin’s price and market sentiment will be closely watched.

FAQs

Q1: How much Bitcoin has Bhutan sold in 2025?
A1: Bhutan has sold $269.8 million worth of Bitcoin since the start of 2025, according to Arkham Intelligence.

Q2: Why is Bhutan selling its Bitcoin?
A2: The reasons are not officially stated, but analysts suggest the government may need fiat currency for spending, or it may be taking profits after mining operations ceased.

Q3: Has Bhutan stopped mining Bitcoin?
A3: Yes, Arkham Intelligence reports that all of Bhutan’s Bitcoin mining operations appear to have ceased.

Q4: How much profit has Bhutan made from Bitcoin?
A4: Bhutan has generated approximately $754 million in on-chain profits from its Bitcoin holdings, according to Arkham.

Q5: Will Bhutan sell all its Bitcoin by October 2025?
A5: Based on the current pace of sales, Arkham estimates that Bhutan could sell its remaining $263 million in BTC by October 2025.
29 Apr 2026, 09:42
American Bitcoin grows to 7,000 BTC and $78.3 million revenue

🚨 American Bitcoin now holds 7,000 BTC and hit $78.3 million revenue in Q4. The company grew its Bitcoin reserves by 58 percent and increased mining power with 90,000 machines. 💡 Key point: In $BTC, operational growth comes with a lean team and aggressive expansion.
29 Apr 2026, 09:30
Litecoin’s MWEB Chain Split Resolved as F2pool Mines All 13 Blocks

Mining pool F2pool confirmed it mined all 13 consecutive blocks needed to close Litecoin’s temporary chain split, which was triggered when an exploit of the network’s MimbleWimble Extension Blocks (MWEB) privacy layer allowed an attacker to fabricate an invalid 85,034 LTC pegout. Key Takeaways: f2pool mined all 13 blocks on the valid Litecoin chain, resolving
29 Apr 2026, 08:55
Eric Trump Calls Out Forbes Over American Bitcoin Coverage

Eric Trump has pushed back against media coverage of American Bitcoin, responding directly to claims about the company’s scale, staffing, and operations. In an X post, Eric Trump criticized Forbes and rejected its reporting, calling it politically motivated. He defended American Bitcoin’s progress since its launch, pointing to its Nasdaq listing, Bitcoin holdings, and mining capacity as evidence of rapid expansion in the digital asset sector.

American Bitcoin, which went public less than a year after being formed, operates as a Bitcoin mining company focused on accumulating digital assets while expanding its computational capacity. Trump said the firm now holds more than 7,000 Bitcoin and operates a mining fleet of nearly 90,000 machines with 28 exahash of capacity.

American Bitcoin Growth Claims and Operational Scale

Eric Trump outlined financial and operational metrics to support the company’s position in the market. He said American Bitcoin reported $78.3 million in revenue in the fourth quarter, marking a 22% increase compared to the previous quarter. He also stated that the company increased its Bitcoin holdings by 58% during the same period and achieved mining costs below market value, producing Bitcoin at a reported discount to prevailing prices.

These figures place the company among a group of publicly traded firms that combine mining operations with balance sheet accumulation strategies. American Bitcoin’s positioning reflects a broader trend in the crypto sector, where listed companies aim to expand hash rate capacity while holding Bitcoin as a long-term asset. Trump said the company has moved quickly within industry rankings and is now among the larger publicly traded Bitcoin-focused firms.

The company’s energy sourcing and infrastructure model were also referenced, with Trump stating that operations rely on domestic energy resources. Mining firms often emphasize energy access and efficiency as key components of cost management and scalability.
Staffing Structure and Media Scrutiny

The Forbes coverage questioned how American Bitcoin’s reported scale aligns with its internal structure. Public filings indicated that the company has a limited number of full-time employees, with core leadership roles held by a small executive team.

American Bitcoin’s leadership includes chief executive Mike Ho, president Matt Prusak, and executive chairman Asher Genoot, alongside independent board members. Additional roles connected to the company have appeared in professional listings, including positions related to communications and operations.

In the mining sector, companies may rely on external service providers, hosting arrangements, and partnerships to manage infrastructure, which can result in smaller internal teams. The difference between operational scale and employee count has become a point of focus in discussions about the company.

Trump rejected the criticism and said the reporting does not accurately reflect the company’s growth or structure. He compared the coverage to past criticism he has received and said it does not represent objective reporting.

Broader Scrutiny Around Trump-Linked Crypto Projects

The attention on American Bitcoin comes alongside wider scrutiny of crypto ventures connected to the Trump family. Other projects have faced legal challenges, governance debates, and questions about transparency in token structures and financial arrangements.

A recent lawsuit filed by Tron founder Justin Sun against World Liberty Financial, a separate Trump-linked project, has added to the broader conversation. The case, which Eric Trump has also dismissed, includes allegations related to token controls and access to digital assets, which the project has denied.

Regulators and market participants have increased focus on disclosures, governance structures, and operational clarity across crypto firms, particularly those with public listings or political connections.
Issues such as contract design, investor protections, and asset management practices remain under review across the sector.

Despite all of this, American Bitcoin continues to operate within this environment as it expands mining capacity and Bitcoin holdings.






































