Specialized AI detects 92% of real-world DeFi exploits
Summary
New research from AI security firm Cecuro demonstrates that a purpose-built AI security agent significantly outperforms general-purpose models in identifying exploited DeFi vulnerabilities. The system analyzed 90 real-world smart contracts exploited between October 2024 and early 2026, covering $228 million in losses, and flagged vulnerabilities tied to $96.8 million in exploit value. By contrast, a baseline GPT-5.1-based coding agent achieved only 34% detection coverage. The specialized system's success is attributed to layering domain-specific methodology, structured review phases, and DeFi-focused security heuristics on top of the frontier model. The finding matters because AI is accelerating crypto crime: exploit capability is doubling every 1.3 months, which lowers the cost of attacks. Cecuro suggests that teams relying on general-purpose AI or one-off audits may miss complex vulnerabilities, noting that some contracts in the dataset had passed professional audits before being exploited. While the benchmark dataset and evaluation framework are open-sourced, Cecuro withheld its full security agent due to concerns about offensive repurposing.
(Source: CoinDesk)