In 2026, autonomous AI trading agents became mainstream but triggered over $45 million in security incidents when protocol-level weaknesses were exploited. These attacks differed from typical smart contract bugs, targeting the 'brain' of agents - their long-term memory and trading protocols.
Step Finance on Solana suffered a $40 million breach in January when compromised AI trading agents amplified damage from executive device breaches. The agents executed massive SOL transfers (261,000 tokens worth $27-30 million) due to excessive permissions and poor isolation, ultimately causing a 97% token crash.
The incidents revealed a new threat model where execution layers became prime targets. Unlike traditional crypto hacks targeting code or private keys, compromised agents could manipulate entire trading strategies across connected systems, with 'shadow AI' discussions gaining urgency.
