Despite launching numerous branding exercises that include the word “decentralization,” much of the crypto industry is actually using Cloudflare to defend large parts of its user-facing infrastructure.
Cloudflare protects crypto websites that collectively process billions of dollars in transactions and receive millions of visitors every day. This week, however, crypto discovered that autonomous AI agents can apparently use an open-source library to walk right through several of Cloudflare’s defenses.
Most heard about the vulnerability from a headline about OpenClaw, an AI agent running on a Mac Mini or cloud server.
OpenClaws, formerly known as ClawdBots or MoltBots, can now use a free library called Scrapling to “bypass Cloudflare natively.”
“Scrap any website without getting blocked, without bot detection,” the developer wrote in a quick summary on Github before releasing the code into the wild.
It quickly skyrocketed to a #1 trending spot among Github repositories.
The era of domestic AI agents has arrived
Featuring concurrent, multi-session crawlers with realistic start/stop actions and proxy IP addresses, the Python library enables AI agents like OpenClaw and others to bypass “all types of Cloudflare’s Turnstiles and Interstitials.”
Not only that, claim its own benchmarks 600 times the parsing speed of BeautifulSoup, a previously impressive web crawler.
The age of homebrew AI agents has arrived, and the traditional armor that crypto has used to protect its websites from crawlers, spiders, Denial of Service (DoS) attacks, and hackers of all kinds is starting to crack.
Using human behavior and AI customization, an OpenClaw agent can trick advanced forms of bot detection. Even more devastating is that it can operate on commodity hardware and salvo attacks for a few cents.
DeFi continues to rely on Cloudflare while losing millions
Decentralized Finance (DeFi) has already learned – repeatedly and expensively – what happens when Cloudflare-dependent front ends fail.
While it doesn’t bear a 1:1 resemblance to Scrapling’s capabilities, BadgerDAO remains the most obvious example of crypto’s dependence on Cloudflare.
In December 2021, an attacker compromised a Cloudflare Workers API key.
The attacker used that key to inject a malicious script into BadgerDAO’s front-end, tricking users into signing token approvals. It deflated $130 million.
Consider another example. Curve Finance suffered Domain Name System (DNS) hijacks in August 2022 and again in May 2025.
Each time, attackers have gained access to the registrar and redirected traffic from Cloudflare’s name servers to malicious clones.
The 2022 attack cost users more than $500,000. The 2025 attack forced Curve to completely abandon its “.fi” TLD and migrate to Curve.finance.
Read more: Saga becomes the latest victim of the DeFi hacking wave
The pattern only accelerated. In July 2024, a single DNS attack on Squarespace compromised 228 DeFi protocol websites, including Compound and Celer Network.
Aerodrome Finance, a decentralized exchange (DEX) on Coinbase’s Base network, lost more than $1 million due to a DNS hijack in November 2025. OpenEden announced a DNS compromise on February 16, 2026. Curvance discovered and blocked a front-end attack on the same day.
All of these attacks exploited the gap between decentralized smart contracts and the centralized web infrastructure that users actually interact with: DNS records, Content Delivery Network (CDN) scripts, and Cloudflare configurations.
While Scrapling is too new to boast of crypto hacks so far, there may unfortunately be casualties in the coming days. The primary intention is to scrape and download content, and of course not to hack Defi. Hopefully, developers and OpenClaw users use it for its legal and intended purposes.
Scraping lowers Cloudflare shield
The traditional defense model assumed that bot detection, fingerprinting, and Cloudflare’s Turnstile challenges could keep automated traffic out. Scrapling breaks some of these assumptions through AI.
The developer describes, in language that only developers will likely understand, about packaging TLS fingerprint spoofing, avoiding headless detection, generating Canvas noise, and mitigating WebRTC leaks in a composable library.
A third-party analysis found that the nuclear breakthrough “wasn’t some new trick.” Instead, it was the combination of multiple AI skills to deceive cybersecurity agencies.
Cloudflare’s own documentation warns developers to “never rely solely on client-side validation.” Unfortunately, many DeFi frontends consider Cloudflare challenge widgets to be sufficient, leaving open backdoors for tools that can mimic a successful client-side challenge.
The crypto industry has spent five years and hundreds of millions in user losses learning that Cloudflare is a speed bump and not a wall. Scrapling just used AI to jump over it again.