Cyvers Early Detection Of Sonne Finance Hack and The Importance Of AI In Web3 Security

15 May 2024

AI in web3 security is neither a passing fad nor a makeshift solution. On the contrary, it is now a focal point in the fight against cryptocurrency thefts and cyber attacks. AI companies in web3 are training AI algorithms to detect potential cyber attacks on DeFi protocols in a bid to reduce the probability of an attack significantly while increasing the response time.

The ability of AI algorithms to detect potential threats can save millions of dollars of investors’ funds, highlighting not just the growing importance of AI but also cementing its place in web3 security, which is often described as a $4 billion problem. Although the use of AI in crime detection has long been around, it has only found relevance in crypto security where cyber thefts are rampant.

AI algorithms are trained through a process called machine learning to spot anomalies and patterns commonly associated with cyber thefts and other types of crypto-related cyber attacks such as phishing and ransomware attacks. AI’s ability to provide a sophisticated security system gives it an edge over malicious software used by bad actors in attacking DeFi protocols.

The advancement that AI in web3 security represents is preeminently self-evident in the latest Sonne Finance hack. There are numerous examples of such exploits and AI use cases but this incident being the latest in a long list of cyberattacks on DeFi protocols deserves to be critically studied. This sentiment is also informed by the volume of media coverage it has generated in the last 24 hours.

The Sonne Finance Hack

Sonne Finance, a decentralized lending protocol, reportedly lost $20 million in a major hack on May 14, 2024. The attack occurred in seven different transactions and lasted for thirty minutes before Sonne Finance halted operations to avert further thefts. Four minutes before the attack, Cyvers AI, a web3 security firm, detected the potential threat and alerted Sonne Finance at about 10:30 pm to the imminent danger.

Commenting on the Sonne Finance hack,  Meir Dolev Co-Founder and CTO of Cyvers.AI said:

" The hacker exploited Compound V2 empty market vulnerability where he conducted a precision loss attack that led to more than $20 million loss in 7 different transactions. Cyvers have detected the attack four minutes before the first exploit transaction"

At the initial stage, Cyvers detected an attack on SonneFinance's USD Coin (USDC) and Wrapped Ether (WETH) contracts, which had already lost $3 million, but the situation quickly escalated resulting in a total loss of over $20 million by the protocol. This incident underscores the growing importance of Artificial Intelligence (AI) in the detection and mitigation of cryptocurrency theft.

Moreover, as traditional security methods often struggle to keep pace with the ever-evolving tactics of cybercriminals. AI, however, offers several advantages:

  • Real-time monitoring: AI systems can be deployed to continuously analyze vast amounts of data, identifying suspicious patterns that might escape human analysts.

  • Faster response times: AI systems can react to threats much quicker than humans, allowing for a timely response to mitigate damage.

  • Improved threat detection: AI algorithms are constantly learning to detect anomalies and patterns and may soon become adept at identifying sophisticated hacking techniques.

The Implications of The Sonne Finance Hack

The Sonne Finance hack is yet another intriguing case of cryptocurrency theft recorded so far in 2024. It highlights the growing tendency of digital currencies to become mainstream and the security challenges surrounding them. While appropriate measures have been taken to avert further theft, the incident raises critical questions about the vulnerability of DeFi protocols. Here's a deeper look at some of them:

  • DeFi's Security Flaws:Decentralized Finance has a massive potential to revolutionize the financial landscape but often lacks the robust security infrastructure of traditional financial institutions, exposing DeFi protocols to cybersecurity risks.
  • A Fast-Paced Landscape:Crypto attackers are constantly developing new methods to exploit vulnerabilities. AI's ability to adapt and learn from these evolving threats can provide an edge for DeFi protocols.
  • Proactive Security:The Sonne Finance incident highlights the importance of proactive security measures. Implementing AI-powered security systems before an attack occurs can significantly mitigate the risk of financial losses.
  • Increased Adoption of AI Security:This incident is likely to accelerate the adoption of AI security solutions within the cryptocurrency industry. Web3 companies may increasingly resort to  AI to protect their assets and user funds.
  • Increased Collaboration: The complex nature of cyber threats necessitates collaboration between security firms, DeFi protocols, and regulatory bodies. Sharing information and best practices can create a more robust defense system.


The cyberattack on Sonne Finance can be described as the doors of the temple of Janus. While the incident itself is a cause for concern, it also highlights the immense potential of AI in detecting potential cybersecurity threats and mitigating them. By implementing robust AI security systems and fostering collaboration across the industry, DeFi platforms can build a stronger defense against cyber threats and ensure a safer future for investors and users alike.