📰 Key Highlights
A closed blockchain protocol is not a safe one. On June 14 this year, hackers exploited a smart contract vulnerability to steal $2.1 million from the Aztec Connect protocol, which had been shut down since March 2023; five days later, the smart contract of the decentralized exchange mySwap was attacked for a $300,000 loss, even though the platform had stopped accepting new liquidity for over six months. Abandoned contracts are still attack targets—risk definitely doesn’t disappear when a protocol shuts down.
A rare positive case emerged in May: white-hat hacker “0xflorent” recovered 1,003 ETH—worth over $1.72 million—for 48 investors from a locked contract left over from the 2016 Hong Coin (HONG) ICO. That ICO had died on the vine that year for failing to hit its funding target, but the funds couldn’t be returned to investors for years due to a flaw in the auto-refund function.
Security expert Redbord stressed that hardening the protocol’s own code and tightening infrastructure is just the first step—the whole industry and regulators must keep working together to fight malicious cyberattacks from North Korean hackers and dismantle Chinese money-laundering networks. He noted: “Protocols can lock their own doors, but someone still needs to track down the actors trying to break in.”
💬 JudyAI Lab Take
An abandoned contract isn’t a harmless contract—two attack incidents and one successful white-hat case together expose the long-overlooked blind spot that “shutting down a protocol ≠ zero risk.”
Aztec Connect got hacked more than a year after shutdown, and mySwap fell victim half a year after closing its liquidity entry—both cases show that “retiring” a smart contract just means the front-end stops serving; the code lives on-chain forever. For builders, if your wind-down plan doesn’t include a real termination strategy at the contract level, the risk hasn’t actually gone away. The case of white-hat hacker 0xflorent also reminds us that vulnerabilities in legacy contracts don’t have to be exploited maliciously—when technical skill is pointed in the right direction, it can recover funds locked up for a decade for 48 investors. Security expert Redbord’s point goes one step further: locking your own door is a necessary condition, but it’s not enough—the whole industry and regulators still need to keep tracking down the actors trying to break in.
If you’ve ever deployed any contract, now is a good time to take another look—whether or not a protocol is “officially closed,” it’s worth confirming whether on-chain assets are still in a state that could be attacked.
📅 Source Info
- Published: 2026-07-09T05:47
- Original source: https://cointelegraph.com/news/ai-is-shortening-the-shelf-life-of-crypto-security-audits-researchers-warn?utm_source=rss_feed&utm_medium=rss_tag_ai&utm_campaign=rss_partner_inbound