rio: extract claims from 2026-04-24-phemex-defi-hacks-2026-ytd-606m-april

- Source: inbox/queue/2026-04-24-phemex-defi-hacks-2026-ytd-606m-april.md
- Domain: internet-finance
- Claims: 0, Entities: 0
- Enrichments: 2
- Extracted by: pipeline ingest (OpenRouter anthropic/claude-sonnet-4.5)

Pentagon-Agent: Rio <PIPELINE>

domains/internet-finance/defi-eliminates-institutional-trust-but-shifts-attack-surface-to-human-coordination-layer.md

@@ -24,3 +24,10 @@ The Drift Protocol $270-285M exploit was NOT a smart contract vulnerability. Nor
 **Source:** Chainalysis analysis of Drift Protocol hack, April 2026
 
 Drift Protocol's $285M hack demonstrates this principle at scale: the protocol eliminated institutional trust through smart contracts, but the attack surface shifted to the human coordination layer (Security Council members who could be socially engineered into pre-signing admin control transfers). The months-long social engineering campaign by DPRK-linked attackers posing as a quantitative trading firm exploited human trust relationships rather than code vulnerabilities.
+
+
+## Supporting Evidence
+
+**Source:** Phemex DeFi Hacks 2026 YTD report
+
+2024-2026 DeFi hack data shows 50%+ of all attacks involve compromised accounts, and 80.5% of stolen funds in 2024 came from off-chain attack vectors rather than on-chain code exploits. The increasing dominance of social/operational vulnerabilities over cryptographic ones confirms the attack surface has shifted to the human coordination layer.

inbox/archive/internet-finance/2026-04-24-phemex-defi-hacks-2026-ytd-606m-april.md

@@ -7,9 +7,12 @@ date: 2026-04-24
 domain: internet-finance
 secondary_domains: []
 format: article
-status: unprocessed
+status: processed
+processed_by: rio
+processed_date: 2026-04-24
 priority: low
 tags: [defi-security, exploits, bridge-hacks, statistics, 2026]
+extraction_model: "anthropic/claude-sonnet-4.5"
 ---
 
 ## Content