- Anthropic’s Claude Fable 5 model offers stronger reasoning and coding abilities while attempting to block dangerous uses. A more powerful Mythos 5 variant is restricted to vetted security users.
- Security experts warn that advanced AI will not invent fundamentally new crypto hacks, but will dramatically speed up finding misconfigurations and constructing ways of exploiting weaknesses such as social engineering, exposed keys and flawed signing flows.
- This year’s largest DeFi losses, totaling more than $840 million, have mostly stemmed from human error and operational failures rather than smart-contract bugs.
The newest AI model from Anthropic, which gives users access to stronger, faster reasoning and coding capabilities, lands in a crypto market beset by security problems and could well exacerbate them.
The company released Claude Fable 5 on Tuesday, the first public model in the Mythos class and, Anthropic says, its most powerful yet. So powerful, in fact, the company released two versions: one for widespread use and the other for more restricted distribution.
The public version sports stronger reasoning and coding ability while blocking the most dangerous uses. A less-hamstrung counterpart, Claude Mythos 5, is available only to vetted users in cybersecurity and critical infrastructure.
Experts say Mythos can find and chain zero-day vulnerabilities, or previously unknown software flaws, and help turn a bug into a working attack. Anthropic says the software tries to intercept possible attack vectors by detecting high-risk requests. Once identified, they are routed to a weaker model, Claude Opus 4.8.
The company says this specific fallback triggers in fewer than 5% of sessions. It also said in a blog post that specialized cybersecurity teams and more than 1,000 hours of external bug-bounty work found no universal way of breaking the system.
Still, Anthropic recognizes that the system is unlikely to be foolproof and says it expects determined, well-funded attackers to keep trying because the capability is valuable.
"The uplift from Mythos-level capabilities is valuable to many adversaries—for instance, those who could financially gain from cyberattacks—and we therefore expect them to be motivated to try to circumvent our safety measures," the firm said in the post.
Identifying a weakness in a target, however, is not the biggest innovation AI brings to a hacker's toolbox. The key facility is superhuman speed, and the limitations introduced into the AI models may not be strong enough to overcome that.
“Current AI guardrails raise friction," said Charles Guillemet, the chief technology officer at hardware-wallet maker Ledger, in an email to CoinDesk. "They are not a reliable control against a determined adversary.”
The shift is less about AI inventing new kinds of hacks and more about how long it takes to create them, he said. A reasoning model can “diff every commit, grep every config, and enumerate every misconfiguration at machine speed,” referring to steps in the process of software development.
Crypto is unusually exposed because software failure can become a financial loss almost immediately.
Social engineering
DeFi protocols have lost more than $840 million to hacks in the first five months of the year, DefiLlama data shows. April alone accounted for more than $600 million, the worst month on record for the decentralized finance industry.
However, the two largest incidents were not simple smart-contract exploits of the type AI could engineer.
In one, a North Korea-linked group drained about $285 million from Drift Protocol after a six-month social-engineering campaign that won it admin access. For the other, the attacker exploited a single-verifier flaw that allowed roughly $292 million to be siphoned from Kelp DAO.
Another example hit on Tuesday, when Humanity Protocol, a decentralized human-identity service, lost over $30 million to a private-key compromise. CoinDesk found that a hacker gained access to three out of six private keys on one employee's laptop,
Therein is the problem. While the most obvious smart-contract prompts may be exactly the ones Anthropic’s filters are designed to catch, the largest losses have not needed a contract bug.
The exploits, Ledger's Guillemet noted, come from familiar weak points: social engineering, bad signing flows, exposed keys and human error.
A model like Fable does not need to hand over a finished exploit to change the economics of an attack. It can read public repositories, compare old versions of software, summarize audit reports and draft convincing messages that look for the small operational mistakes humans miss.
A defender, in such an environment, has to secure every key path, every dependency, every signing flow and every privileged account. Because AI accelerates the scouting phase, the final signing step becomes more important. Private keys need to sit somewhere a compromised laptop cannot reach, and users need a trusted screen that shows what they are actually approving.
"Call it what it is: these exploits remain rooted in social engineering and human error. AI didn't create that reality. It made it visible, and accelerated it to machine speed. The only real exit is a hardware root of trust: private keys generated and kept on a certified secure element, with a trusted display and Clear Signing," Guillemet said.
A double-edged blade
The same techniques, however, also work to protect the code itself. Pendle, a DeFi yield protocol, said it has used Anthropic's models defensively since the first version of Claude Opus. The team uses AI to map its codebase and stress-test its contracts, including freshly deployed ones. It says the tools catch bugs early and help it write cleaner code.
Smart contracts are the wrong thing to be concerned about, Pendle's developers said in an interview over Telegram. A smart contract is short and has only about a dozen entry points. Good auditors have long been able to hold a contract's full state in their heads and test every edge case.
"There are really not that many lines of code in a smart contract to audit," the developer team said.
Which means the next major crypto hack may not look new. It will probably look be the same poisoned package, fooled developer or bad signing flow DeFi already knows.
It's just likely to come sooner rather than later.
