Blockchain data analytics company Chainalysis announced on Tuesday at its annual Links conference in New York the introduction of its blockchain intelligence agents, designed to scale investigations and compliance for security professionals and organizations.

 

According to the company’s CEO and co-founder, Jonathan Levine, the AI agents are not a “new product” or a “bolted-on chatbot feature,” but rather an evolution of the company’s existing platform and experience, built on insights from billions of transactions screened and more than ten million investigations conducted over the past decade.

 

"Chainalysis blockchain intelligence agents put the full depth of our platform, our data, products, and institutional expertise, into the hands of anyone in your organization,” Levine wrote in a company blog post. “From seasoned investigators and compliance analysts to executives, Chainalysis agents provide insights and amplify what your team can do.”

 

 

To ensure transparency and reliability in its use, the Chainalysis team built its blockchain intelligence agents around four key principles: data quality, context and reasoning, auditable results, deterministic workflows, and human control. These principles are designed to help the agents deliver accurate and consistent insights.

 

The blockchain intelligence agents will begin rolling out over the summer, and the team expects that, over time, they will be used by professionals across a range of roles to unlock new levels of blockchain insight.

 

Chainalysis Joins the AI Agents Race

Prior to Chainalysis's integration of AI agents into its blockchain intelligence platform, several blockchain companies had already developed and launched their own AI-powered tools.

 

On March 25, blockchain intelligence firm and Chainalysis competitor TRM Labs announced the launch of its Co-Case Agent, an embedded AI investigative assistant that enables investigators to use plain-language prompts for complex on-chain tasks such as tracing funds, auditing transaction graphs, and maintaining immutable audit logs for Suspicious Activity Reports (SARs).

 

Blockchain analytics and crypto intelligence platform Nansen also launched its Nansen AI agent earlier this year. The conversational assistant supports on-chain research and agentic trading, helping users analyze wallets, identify market signals, and suggest trades.

 

These AI agent releases followed the introduction of Elliptic’s Copilot. In April 2025, the blockchain analytics and crypto compliance firm launched its AI-powered assistant to streamline compliance workflows and risk management.

 

Elliptic’s Copilot is widely regarded as one of the earlier AI assistant tools introduced by a blockchain intelligence company.

 

 

Balancer Labs, the core team behind the decentralized finance (DeFi) protocol Balancer, has announced plans to wind down after a $116 million exploit that occurred in November.

 

The decision, according to CEO Marcus Hardt, was driven by the impact of the hack. Despite continuing to generate revenue, Balancer Labs’ economic model was no longer sustainable in the aftermath of the hack.

 

“We were spending too much to attract liquidity relative to what that liquidity was actually generating in revenue,” Hardt said. “We were diluting BAL holders to sustain a system that, in my view, was no longer serving the protocol well. At some point, you have to be honest about that.”

 

With Balancer Labs winding down its operations, the protocol is expected to be managed by the Balancer Foundation and its decentralized autonomous organization (DAO), an approach supported by co-founders Hardt and Fernando Martinelli. 

 

DAO members have been asked to vote on a proposal to restructure the protocol and its tokenomics. If approved, BAL emissions will end, all fees will be routed to the treasury, and the protocol’s share of swap fees will be reduced. The team size will also be cut.

 

So, while Balancer Labs, the core development team, is winding down, the protocol will continue operating under new management with a leaner structure.

 

 

The Balancer Protocol Exploit

On November 3, 2025, Balancer Protocol suffered a smart contract exploit targeting its V2 composable stable pools, resulting in the theft of significant amounts of cryptocurrency.

 

Although Balancer had a permission system in place, a bug in the smart contract allowed the attacker to bypass these controls. The attacker exploited the vulnerability to gain unauthorized access to the protocol’s shared vault system, enabling them to drain assets from multiple liquidity pools across different blockchains simultaneously.

 

The hack had a severe impact on Balancer, causing its total value locked (TVL) to drop from about $775 million to $258 million within days of the exploit, according to a report. Its native token, BAL, also fell by about 30%.

 

The shutdown of the Balancer Labs team comes weeks after crypto aggregator Step Finance announced its own shutdown following a January 31 hack that reportedly led to losses of between $26 million and $40 million from the protocol’s treasury.

 

Bunni, a decentralized liquidity protocol built on Uniswap V4, also shut down around October last year after suffering a hack that resulted in losses of about $8.4 million.

 

 

Decentralized crypto lending and borrowing platform Venus Protocol was recently targeted in a supply cap/flash-loan attack, resulting in an estimated $3.7 million loss.

 

The team said Sunday that it detected unusual activity in the Thena token (THE) pool. Withdrawals and deposits were temporarily paused while the team conducted an investigation. Additional details about the incident have since been released.

 

 

 

According to Allez Labs, the risk manager for the Venus Protocol, the attack occurred in two stages. In the first stage, the attacker gradually acquired 84% of Thena’s (THE) 14.5 million token supply, which represents the platform’s maximum supply. THE is the native cryptocurrency of the Thena decentralized finance platform.

 

The accumulation of the Thena token began as early as March 2025 and continued over a nine-month period, Allez Labs reported.

 

To bypass Thena’s 14.5 million token supply cap on Venus, the attacker moved to the second stage of the exploit, transferring tokens directly to the protocol’s contract and pushing the supply to 53.2 million tokens.

 

Timeline of the Thena Token Supply Cap Breach, according to Allez Labs:

• 11:00 UTC: 12,200,000 THE supplied (84% of the cap, within limits)

• 12:00 UTC: 49,500,000 THE supplied (341% of the cap)

• 12:42 UTC: 53,200,000 THE supplied (367% of the cap)

 

After accumulating a large amount of Thena tokens (THE), the attacker used 53.2 million of them as collateral to borrow other cryptocurrencies, including 6.67 million CAKE, 1.58 million USDC, 2,801 BNB, and 20 BTC. CAKE is the native token of the PancakeSwap decentralized exchange.

 

Although Thena initially had low on-chain liquidity, the attacker’s repeated use of it as collateral, along with additional purchases, caused its price to spike from around $0.27 to nearly $0.53, Allez Labs said. Out of caution, Venus Protocol paused withdrawals and borrowing of THE and CAKE tokens on its platform.

 

Analyzing the scale of the attack, Wu Blockchain reported that the attacker’s wallet obtained roughly 20 BTC, 1.5 million CAKE, and 200 BNB, totaling more than $3.7 million.

 

The Thena token (THE), which was primarily used in the flash loan attack, has seen its price decline by more than 17% over the past 24 hours. As of the time of publication, THE was trading at around $0.1949.

 

 

 

Trust Wallet has introduced a new address-poisoning protection feature that prevents crypto users from falling for address-poisoning attacks.

 

According to the company, this new feature automatically checks the destination address against a database of known scam and lookalike addresses to prevent malicious transactions. Because the feature runs automatically, users will receive real-time warnings if a risk is detected.

 

For now, the feature will be supported on 32 Ethereum Virtual Machine (EVM) chains, including Ethereum, BNB Smart Chain, Polygon, Optimism, Arbitrum, Avalanche, and Base.

 

The Menace of Address Poisoning

Address poisoning is a phishing-style attack in which scammers trick users into sending cryptocurrency to the wrong wallet address, usually one that closely resembles a legitimate address. 

 

Here’s how address poisoning works:

• A scammer generates a look-alike wallet address, typically one that shares the same first and last characters as a legitimate address.
• The attacker then sends a tiny, or “dust,” amount of crypto to an unsuspecting user.
• The fake address subsequently appears in the victim’s transaction history.
• Because crypto transactions are irreversible, the user may mistakenly send funds to the poisoned address, losing them permanently.

 

While address poisoning may not look as sophisticated or complex as other forms of crypto attacks, it has had a long history of success for scammers. 

 

In May 2024, a user accidentally sent 1,155 Wrapped Bitcoin (WBTC) worth approximately $68 million to a fake address. The attacker created a fake address that looked like the legitimate address, and due to lack of proper scrutiny, the user fell for it.

 

While in May 2025, a trader lost $2.6 million after falling for two address poisoning scams, and later that year, another trader lost $50 million in USDT after sending them to a poisoned wallet address.

 

 

Address Poisoning is Just a Numbers Game

Knowing that most crypto users rarely fall for address poisoning scams (roughly 1 success per 10,000 attempts), attackers often rely on scale to succeed. 

 

Between July 2022 and June 2024, over 270 million address poisoning attempts were recorded across the Ethereum and BNB Chain, with 6,633 of these attempts successful, leading to a loss of over $83 million. 

 

In another address poisoning campaign, scammers used 82,031 fake addresses on 2,774 victims. The result? Over $69 million was lost. 

 

And just last year, there were about 32,290 recorded address poisoning attacks in September, which affected over 6,000 victims.