The CEO of blockchain security firm CertiK, Ronghui Gu, has stated that traditional financial institutions are preparing to move trillions of dollars in assets onto blockchain, but growing cyberattack fears are causing significant delays. Although the efficiency of decentralized systems is highly attractive, financial giants and banks remain hesitant due to operational threats and soaring security risks.
Barriers to institutional funds
Gu highlighted that blockchain-based asset transfers bring many new vulnerabilities—such as AI-driven attacks, smart contract flaws, oracle manipulations, and cross-chain bridge exploits. These risks are causing mainstream financial firms to step back from onchain asset management, according to CertiK’s analysis.
Glossary: Oracle manipulation occurs when malicious actors exploit the systems that feed external data to smart contracts, deceiving decentralized protocols and triggering wrong actions. Such attacks have led to major losses in DeFi applications.
Ai-powered attacks accelerate
Attacks in April marked the worst period in four years, with CertiK’s statistics showing that there were only three days in the entire month without a hack. Gu emphasized that artificial intelligence-powered tools are now playing a dominant role in the surge of incidents. In particular, security loopholes in cross-chain bridges are enabling risks to spread rapidly across ecosystems.
In April, North Korea-linked cybercriminals targeted Drift Protocol and Kelp Dao, leading to combined losses of about $600 million across two separate attacks. Earlier in the year, crypto exchange Bybit suffered one of the largest heists ever recorded, with a staggering $1.46 billion in losses.
Ronghui Gu underscored that April represented a four-year low point, noting that only three days were incident-free—primarily due to the use of artificial intelligence in most attacks.
Imbalance between attackers and defenders
Gu explained that malicious actors usually operate with unlimited resources, tilting the competition in their favor. Attackers often spend thousands of dollars and weeks using advanced tools to locate vulnerabilities in protocols holding millions in assets, while defenders must conduct short security reviews with limited budgets and time.
CertiK’s CEO added that the firm serves over 5,000 clients, combining human expertise and automated processes within strict budget constraints during every assessment. This approach narrows the defensive advantage, making it easier for attackers who continuously hunt for weaknesses.
Broadening threats in the ecosystem
Data from DeFiLlama reveals that in the past year alone, cross-chain infrastructure breaches have cost the decentralized finance sector more than $1.1 billion. Experts warn that attacks are picking up speed and that advances in AI are tipping the scales toward the attackers even further.
| Month | Total Hacks | Total Loss (USD) |
|---|---|---|
| April 2024 | 30+ | 600 million |
| February 2025 | 1 (Bybit) | 1.46 billion |
| 2023-2024 total | 100+ | 1.1 billion |
Gu reiterated that attacks are not only becoming faster but also more sophisticated, warning that the trends seen in April could persist throughout the year. The current outlook creates a formidable security barrier to the integration of financial assets on blockchain networks.
