AI-Powered Crypto Hacks: Ledger Warns of Growing Security Risks

Artificial intelligence is significantly reducing the cost and complexity of cyberattacks on cryptocurrency platforms, according to Charles Guillemet, the Chief Technology Officer of Ledger. The shift in the economics of cybersecurity is forcing a fundamental rethink of how digital asset systems maintain security as AI tools enable attackers to identify and exploit vulnerabilities more efficiently.

Speaking to CoinDesk on April 5, 2026, Guillemet stated that the cost of finding and exploiting vulnerabilities is going down to zero. He noted that AI-generated code and increasingly sophisticated malware are making hacks cheaper and faster, which necessitates a transition toward hardware-based security, offline storage, and formal verification.

The Scale of Crypto Asset Losses

The warnings from Ledger’s CTO come amid a period of significant financial losses within the ecosystem. Data from DefiLlama indicates that over $1.4 billion in assets were stolen or lost through crypto attacks over the past year.

Recent high-profile exploits illustrate the ongoing volatility of the security landscape. In the week leading up to April 5, 2026, the Solana-based decentralized finance protocol Drift was exploited, resulting in the loss of $285 million in digital assets. An attack on the yield protocol Resolv led to $25 million in losses the week prior to the Drift exploit.

Evolution of Attack Vectors

While AI is accelerating the speed of attacks, the threat landscape also includes sophisticated social engineering and technical exploits. Ledger has identified several evolving methods used to defraud users:

• AI-powered deepfakes and social engineering designed to exploit human psychology.
• Address poisoning, where attackers exploit the tendency of users to copy-paste wallet addresses from transaction histories.
• Clipboard hijackers that monitor for wallet addresses and replace them with the attacker’s address.
• Physical threats, such as the $5 wrench attack, which can undermine advanced digital security systems.

Beyond AI-driven exploits, supply chain vulnerabilities remain a critical risk. In September 2025, Ledger warned of a large-scale supply chain attack involving a phishing email from a fake npm support domain. This attack allowed perpetrators to publish malicious package updates that targeted web crypto activity on chains including Ethereum and Solana, attempting to hijack transactions by replacing wallet addresses in network responses.

Proposed Security Mitigations

Guillemet suggests that users should operate under the assumption that many current systems will eventually fail. To counter these threats, Ledger advocates for the use of hardware wallets, which are designed to withstand supply chain compromises and malicious code execution.

Specific security features highlighted include Clear Signing, which provides human-readable transaction fields so users can confirm the exact intent of an approval. Transaction checks are used to flag suspicious activity before a transaction is finalized.

The broader industry is also exploring the integration of AI to combat these risks. MoonPay has introduced Ledger-secured AI crypto agents specifically designed to address the risks associated with wallet keys.

These developments follow a trend of increasing sophistication in digital theft. According to a Chainalysis report, approximately 0.14% of total on-chain transaction volume in 2024 was associated with illegal activities, including hacks, money laundering, and scams.