Wasabi Protocol $5 Million Exploit Accelerates AI-Driven DeFi Hacker Theory

Wasabi Protocol suffered an admin-key compromise that drained over $5 million from its perpetuals vaults and LongPool throughout Ethereum, Base, Berachain, and Blast, on-chain safety companies Blockaid and PeckShield reported.

The attacker gained ADMIN_ROLE by the protocol’s deployer pockets, then upgraded the vaults to a malicious implementation that siphoned person balances. About $4.55 million had been extracted eventually rely, and the investigation stays lively.

Single-Key Failure Behind the Breach

Blockaid traced the basis trigger to wasabideployer.eth, the one handle holding ADMIN_ROLE in Wasabi’s PerpManager AccessManager.

The attacker known as grantRole on the deployer EOA with zero delay, immediately turning their orchestrator contract into an admin.

“We’re conscious of a problem and are actively investigating. As a precaution, please don’t work together with Wasabi contracts till additional discover,” Wasabi Protocol urged customers.

From there, the attacker UUPS-upgraded perpetual vaults and the LongPool to a malicious implementation that drained balances.

The deployer key stays stay. Wasabi and Spicy LP-share tokens from affected vaults are flagged as compromised, with redemption worth approaching zero.

Blockaid famous the identical attacker, orchestrator, and technique bytecode tie this incident to earlier exercise focusing on Wasabi.

The sample echoes prior admin-key incidents and displays single-EOA admin setups with out timelocks or multisigs. PeckShield put the overall losses previous the $5 million mark throughout all 4 affected chains.

#PeckShieldAlert @wasabi_protocol has been exploited for $5M+ throughout a number of chains, together with Ethereum, Base, Berachain, & Blast. pic.twitter.com/zkWjEkZMMp

— PeckShieldAlert (@PeckShieldAlert) April 30, 2026

AI-Hacker Theory Gains Fresh Oxygen

Meanwhile, the incident comes solely hours after three different assaults between Tuesday and Wednesday. BeInCrypto reported the Tuesday cascade, comprising:

• Sweat Economy’s $3.46 million drain, which turned out to be a basis rescue, not a hack.
• Syndicate Commons bridge on Base misplaced 18.5 million SYND tokens price $330,000 to $400,000. The proceeds had been bridged to Ethereum.
• Aftermath Finance paused its perpetuals protocol after shedding roughly $1.14 million USDC.

It’s not in regards to the kind, it’s in regards to the amount – what’s it now, 7 hacks within the final 5 days?

— Vitto Rivabella (@VittoStack) April 30, 2026

Against these backdrops, analysts are speaking about AI considerations, citing the uneven dynamic between attacker tooling and protocol defenses.

People are asking — Is AI the tip of crypto? https://t.co/iDCMt8xJg0

— James Seyffart (@JSeyff) April 29, 2026

In the identical line of thought, developer Vitto Rivabella floated a idea that North Korea educated an in-house AI on years of stolen DeFi knowledge.

He instructed the mannequin now operates as an autonomous exploiter, draining protocols quicker than human reviewers can patch them.

“Wild conspiracy idea in regards to the current DeFi hacks: North Korea has educated its personal, state funded, model of Mythos utilizing the insane quantities of information obtained by hacking DeFi protocols during the last 10 years. Now they’re simply letting their AI DeFi hacker run free and gained’t cease cashing in till somebody stops them,” wrote Rivabella.

Whether AI is steering the recent string of exploits or not, single-key admin roles preserve giving attackers an apparent opening.

The submit Wasabi Protocol $5 Million Exploit Accelerates AI-Driven DeFi Hacker Theory appeared first on BeInCrypto.