AI-hacking might tip the $130 billion crypto market
In April, a series of crypto hacks unfolded just over two weeks apart, resulting in nearly $600 million being siphoned off by the attackers. This wave of breaches prompted a significant investor exodus from one major platform and ultimately led to the downfall of another. However, despite the significant damage caused by the two exploits, what truly concerned cybersecurity experts was the method employed by the hackers to execute them. The attackers, thought to be associated with North Korea, seemingly utilized artificial intelligence to identify targets and craft exploits, as reported by blockchain forensics firm TRM Labs. “The heists displayed such a leap in sophistication that it’s highly likely the hackers worked with the help of AI,” said Nick Carlsen, who specializes in North Korean crypto crime. The potential for AI to fall into the wrong hands represents a significant intensification of the risks confronting the crypto space, which has already suffered billions in losses due to hacks in recent years. The industry faces a distinct vulnerability to digital theft due to the inherent characteristics of the blockchain infrastructure it relies on.
In a dramatic turn of events, investors pulled approximately $9 billion from a lending protocol within just two days, a platform previously implicated in laundering funds from one of the April hacks. This incident underscores the fragility of investor confidence, which can dissipate rapidly, even when the protocol itself is not directly under fire. “There is no room for error in security” now, stated Nicholas Smart. At the center of the discussion is Mythos, the AI model that Anthropic PBC has chosen to keep under wraps due to concerns surrounding its cybersecurity implications. Researchers caution that, although there’s no evidence the hackers had access to it, it’s only a matter of time before criminals gain access to more advanced AI tools. Anthropic’s own research indicates that even current agents possess significant potential for exploits. One concern is that AI might reduce the obstacles for potential crypto thieves. “Before AI, there may have been a limited number of elite hackers,” stated Niv Yehezkel. “Now, nearly anyone can access the tools to operate like an elite hacker with just a subscription.” Decentralized finance, a $130 billion segment of the industry where investors engage in trading, borrowing, and lending cryptocurrencies through automated protocols, has emerged as especially susceptible.
In April, the number of DeFi exploits reached an unprecedented high, nearly doubling compared to March. This has triggered a surge among projects to bolster their defenses in response to the ongoing onslaught. While many of the exploits were minor, the increase indicates that cybercriminals are improving their ability to scan software for vulnerabilities and rapidly create exploits — likely aided by the accessibility of AI models, according to experts. According to more than six cybersecurity researchers interviewed, determining if hackers are utilizing AI is not an exact science. Instead, investigators reach conclusions by analyzing the complexity of an attack, the techniques employed, and the estimated challenge of pinpointing the target. The sudden surge in heists serves as a definitive sign that hackers are utilizing AI, they noted. “With AI, the cost of vulnerability detection is trending to zero,” stated Aneirin Flynn. “The time it takes for hackers to identify a weakness in a blockchain protocol has been compressed from months to days or even hours using AI,” he said. The cybersecurity threat posed by AI is not exclusive to the crypto space.
In November, Anthropic reported that attackers had manipulated its Claude model in an effort to breach approximately 30 entities, which included major technology firms, financial institutions, and government agencies, and noted that they “succeeded in a small number of cases.” The targets were not specified. Upon realizing that Mythos exhibited significantly greater capabilities for cyberattacks compared to previous models, Anthropic executives made the strategic decision to restrict its initial release to a select group of global tech giants, allowing for thorough testing against their own products. Major banks have begun their testing phase for Mythos. DeFi, however, seems particularly vulnerable. In contrast to traditional finance, the oversight continues to be fragmented. Banking regulators consistently conduct stress tests on the cyber defenses of major financial institutions to guarantee their resilience. Banks have the ability to block suspicious transfers; however, transactions conducted over blockchains are irreversible, and hackers possess numerous methods to relocate stolen funds beyond reach. DeFi has surged in popularity among crypto investors looking for yield. It is fundamentally a network of interoperable, blockchain-based protocols that utilize self-executing code, known as smart contracts, enabling users to transfer and deploy cryptoassets independently of centralized intermediaries. Investment resources in the cybersecurity sector differ greatly from one project to another. This presents hackers with numerous potential targets to exploit. The aftermath of a heist can send shockwaves through the ecosystem, putting other companies at risk as well. The two significant hacks in April, when considered collectively, highlighted both risks involved.
A recent attack focused on a derivatives exchange known as Drift Protocol, resulting in a staggering loss of over $280 million. In a postmortem released shortly after the attack, Drift revealed that the hackers had invested months in cultivating a relationship with its contributors, posing as a quantitative trading firm. Employees were subsequently deceived into approving harmful transactions. The heist showcased other equally ambitious elements. The hackers devised a bogus token and fabricated an exaggerated trading history to deceive Drift’s protocols into recognizing it as valid collateral. Drift has been compelled to cease operations but is gearing up for a relaunch following an injection of stablecoins from Tether. In a recent development, the DeFi project Carrot, which had ties to the Drift platform, revealed on April 30 that it would be closing its doors due to the incident. The second incident impacted Kelp DAO, with hackers focusing on a software protocol referred to as a “bridge” that facilitates connections between various blockchains. Certain elements of the heist — which yielded nearly $300 million — remain unclear, yet the repercussions were significantly more severe due to the methods the hackers employed to launder the funds. In a groundbreaking move, they utilized the majority of the stolen assets as collateral to secure a loan on Aave, the leading DeFi lending protocol. The situation ignited concerns over the potential for worthless collateral on Aave, leading to a frantic exodus among depositors that quickly extended to other platforms, even those with no connections to the hack. Aave found itself in need of a rescue. The Drift and Kelp DAO hacks showcased distinct characteristics; notably, the former appeared to depend significantly on social engineering tactics, wherein hackers deceive individuals into granting them access to confidential systems.
Experts noted that the hackers’ ingenuity surpassed that of previous attacks, prompting speculation that they may have utilized AI for aspects such as planning and design. “I highly suspect that North Koreans used AI to engineer both” hacks, said Nick Carlsen. “This is all stuff North Korea never used to do.” Recent efforts have focused on evaluating the capabilities of current AI agents in identifying vulnerabilities within blockchain systems and crafting potential hacks. In December, Anthropic released research indicating that over 50% of blockchain exploits executed in 2025, “presumably by skilled human attackers,” could have been performed autonomously with the aid of AI. According to Anthropic, the so-called “potential exploit revenue” has been doubling every 1.3 months, while the cost of a hack has seen a significant decline, as revealed by the researchers. “Profitable autonomous exploitation can happen today,” they stated. Anthropic has chosen not to provide any comments regarding the potential repetition of the experiment with Mythos. A new test was conducted by two engineers at a16z, the leading venture capital firm in the crypto space. The findings were varied: An AI that was trained by examining historical DeFi hacks “always found the vulnerability” in a specific protocol, yet it struggled to completely devise a profitable exploit, Daejun Park and Matt Gleason noted in an April 28 blog post. They highlighted that the experiment took place prior to Anthropic’s announcement of Mythos, and expressed their intention to evaluate the model “once we get access.” The crypto space is increasingly feeling the pressure to tackle hacking head-on.
Failsafe CEO Flynn stated that numerous clients are implementing software that consistently monitors various devices linked to a network, ranging from laptops to mobile phones, and is designed to identify suspicious patterns while notifying managers of potential threats. Yuan Han Li has advocated for the enhanced implementation of circuit breakers designed to pause or restrict transactions that exceed a specific threshold — effectively allowing more time to address an exploit. According to co-founder Siong Ong, a trading venue known as Jupiter is implementing a similar solution that it is expanding more broadly. Aave is broadening its risk framework for collateral to incorporate cybersecurity considerations, according to Linda Jeng, the lending platform’s chief legal and policy officer, who made the announcement last week. According to TRM’s Carlsen, any attempt to counter North Korea-affiliated hackers equipped with AI is bound to be unsuccessful. In his view, the sole answer lies in flipping the script on cybercriminals by utilizing their own tactics to reclaim stolen cryptocurrency. “You don’t win this kind of campaign playing defense” against attackers, he stated.
