April 2024 set a new record for DeFi exploits with 28 separate incidents draining $635 million in total losses. The Defiant reports that this month broke prior benchmarks for attack volume.
The attack vector shifted dramatically from previous quarters. Smart contract vulnerabilities, historically the dominant exploit method, took a backseat. Instead, hackers deployed social engineering attacks, bridge spoofing schemes, and AI-powered reconnaissance to compromise protocols and wallets.
Bridge exploits proved particularly effective. Cross-chain bridges remain critical infrastructure but operate with elevated risk profiles. Attackers spoofed bridge transactions to drain liquidity pools and user deposits. Social engineering campaigns targeted protocol developers and custodians directly, bypassing technical security entirely.
AI-assisted reconnaissance enabled attackers to map wallet relationships, identify whale movements, and predict high-value transaction targets. This automation accelerated attack planning cycles and reduced detection windows.
The $635 million total reflects a 40 percent increase over March's losses. Major protocols continued patching known vulnerabilities, yet the shift toward human-centric and cross-chain attacks outpaced defensive responses. The data reveals DeFi's dependency on bridge security and the emerging threat from AI-powered threat actors.