Ronghui Gu, CEO and co-founder of blockchain security firm CertiK, has reported that April marked a significant downturn for decentralized finance (DeFi), with hacks occurring on 27 out of 30 days. This alarming trend raises concerns as traditional financial institutions consider moving substantial assets onto blockchain networks.
In an interview with CoinDesk, Gu emphasized that while many institutions are eager to transition their assets to onchain systems, the persistent threat of cyberattacks is a significant deterrent. “Right now, more and more institutions are trying to move assets onchain,” he stated. “They imagine that, let’s say in 10 years, multiple trillion dollars — even tens of trillions of dollars — of assets are going to move onchain.” However, the current security landscape poses considerable risks.
Gu pointed out that as financial institutions contemplate this migration, they must contend with various threats, including AI-driven attacks, vulnerabilities in smart contracts, oracle manipulation, and cross-chain bridge hacks. These issues are seen as major obstacles preventing the full-scale adoption of blockchain technology by traditional finance.
April’s statistics were particularly troubling, with CertiK documenting nearly daily hacks throughout the month. Gu noted that this was the worst month for DeFi security in four years, driven primarily by AI-enhanced attacks. “April was the worst month in four years with only three days without a hack,” he remarked, indicating a concerning trend that could persist.
High-profile incidents further underscore the risks. North Korean hackers exploited the Drift Protocol and Kelp Dao in April, siphoning nearly $600 million from two lending pools. Earlier, in February 2025, Bybit experienced a staggering $1.46 billion breach, marking it as one of the largest hacks ever recorded.
According to data from DefiLlama, over $1.1 billion has been lost to DeFi hacks within the past year, revealing significant vulnerabilities in cross-chain infrastructure that can impact the entire ecosystem.
Gu described the ongoing situation as an “unfair game” favoring malicious actors who have virtually unlimited resources. Hackers tend to target protocols with substantial total value locked (TVL), making their exploits economically attractive. For instance, a single attacker might invest $10,000 to $20,000 in computing resources to conduct continuous vulnerability assessments on a target protocol.
In contrast, defenders are often constrained by tight budgets and limited resources. Gu explained, “We have 5,000 clients. When we receive a request from a client, there’s a budget. We will spend tokens plus human experts within that budget.” This creates a significant disparity between the resources available to attackers and those allocated for defense.
Gu warned that the trend of increasing exploits, particularly those driven by AI, is likely to continue throughout the year. As traditional finance weighs the benefits of blockchain technology, the pressing need for enhanced security measures becomes ever more critical.
April was a challenging month for DeFi, with widespread hacks raising concerns about the security of blockchain technology as traditional finance considers onchain asset migration. CEO Ronghui Gu of CertiK highlights the risks posed by AI-driven attacks and the resource disparities between hackers and protocol defenders.