AI-Assisted Hackers Steal $36.7M From Unverified Contracts in Six Months, Chainalysis Says

Attackers have siphoned at least $36.7 million from protocols running unverified smart contracts over the past six months, according to a new Chainalysis report shared this week. The firm ties the surge directly to AI-assisted exploit development — specifically, large language models (LLMs) that analyze decompiled bytecode at scale. The findings paint a grim picture for DeFi teams that skip verification: they're not just missing out on transparency; they're leaving the door open for automated, AI-driven attacks.

How the attacks work

Chainalysis outlines a pipeline that starts with decompilers like Dedaub, Heimdall, and Panoramix — tools that convert raw bytecode back into readable Solidity. That readable code then gets fed into an LLM, which flags reentrancy bugs, access control gaps, and arithmetic errors. The process is automated, allowing attackers to scan thousands of unverified contracts, triage them by estimated exploitability and potential yield, then strike. Unverified contracts also escape the eyes of white-hat researchers and are often excluded from bug bounty programs — making them prime, low-risk targets.

The Truebit case

The biggest single incident was the Truebit hack on January 8, which drained $26.2 million due to an integer overflow in its bonding curve. The contract had been deployed on Ethereum but never verified — it had been sitting unverified since 2021. The same address that exploited Truebit had already hit a smaller target twelve days earlier, draining Sparkle protocol for 5 ETH. Proceeds from both exploits were laundered through Tornado Cash. Chainalysis doesn't name the attacker, but the pattern suggests a single operator or group testing tools on lower-value protocols before going after the big one.
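The practical takeaway for a DeFi team is an inventory check: which of our deployed addresses still lack verified source? The script below is an added example, not code from the Chainalysis report; it assumes Etherscan's `getsourcecode` endpoint, which returns an empty `SourceCode` field (and the ABI string `Contract source code not verified`) for unverified addresses, and accepts an injectable `fetch` so the logic can be exercised offline against constructed responses.

```python
"""Inventory check: which deployed contracts lack verified source on Etherscan?
Added example, not from the Chainalysis report. Assumes Etherscan's
'getsourcecode' endpoint and its response shape for unverified contracts."""
import json
import urllib.request
from urllib.parse import urlencode

ETHERSCAN_API = "https://api.etherscan.io/api"  # assumed endpoint
UNVERIFIED_ABI = "Contract source code not verified"  # assumed response marker


def is_verified(address: str, api_key: str, fetch=None) -> bool:
    """True if Etherscan holds verified source for `address`.
    `fetch(url) -> str` can be injected for offline tests; the default
    performs a real HTTPS request."""
    if fetch is None:
        def fetch(url: str) -> str:
            with urllib.request.urlopen(url, timeout=10) as resp:
                return resp.read().decode()
    query = urlencode({"module": "contract", "action": "getsourcecode",
                       "address": address, "apikey": api_key})
    payload = json.loads(fetch(f"{ETHERSCAN_API}?{query}"))
    if payload.get("status") != "1":
        raise RuntimeError(f"Etherscan error for {address}: {payload.get('result')}")
    entry = payload["result"][0]
    # Empty source is the documented signal; the ABI marker is a second check.
    return bool(entry.get("SourceCode")) and entry.get("ABI") != UNVERIFIED_ABI


def unverified_addresses(addresses, api_key, fetch=None):
    """Filter a deployment inventory down to contracts lacking verified source."""
    return [a for a in addresses if not is_verified(a, api_key, fetch)]


# Constructed sample responses (not real addresses) so the check runs offline.
SAMPLE_RESPONSES = {
    "0xaaaa": {"status": "1", "result": [{"SourceCode": "contract A {}", "ABI": "[]"}]},
    "0xbbbb": {"status": "1", "result": [{"SourceCode": "", "ABI": UNVERIFIED_ABI}]},
}


def sample_fetch(url: str) -> str:
    """Offline stand-in for the HTTP call; picks the response by the address in the URL."""
    for addr, body in SAMPLE_RESPONSES.items():
        if f"address={addr}" in url:
            return json.dumps(body)
    raise KeyError(url)


if __name__ == "__main__":
    print(unverified_addresses(list(SAMPLE_RESPONSES), "demo-key", sample_fetch))
```

Point the script at your real deployment list with a real API key and no `fetch` argument; anything it returns is a contract that stays outside the view of white-hat researchers and most bounty programs.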