Mythos, the new AI model from Anthropic that has sparked fear and confusion in traditional tech and finance, is also driving a massive shift in how the crypto industry thinks about security.<\/p>\n
For years, decentralized finance has focused its defenses on smart contracts. Code is audited, vulnerabilities are cataloged, and many common exploits are well understood. But Mythos, a model designed to identify and chain together weaknesses across systems, is pushing attention beyond code and into the infrastructure that supports it<\/a>.<\/p>\n \u201cThe bigger risks sit in infrastructure,\u201d said Paul Vijender, head of security at Gauntlet, a risk management firm. \u201cWhen I think about AI-driven threats, I\u2019m less concerned about smart contract exploits and more focused on AI-assisted attacks against the human and infrastructure layers.\u201d<\/p>\n That includes key management systems, signing services, bridges, oracle networks, and the cryptographic layers that connect them. These components are less visible than smart contracts and are often outside traditional audit scope. <\/p>\n In fact, this month, web infrastructure provider Vercel, which many crypto companies use, disclosed a security breach<\/a> that may have exposed customer API keys, prompting crypto projects to rotate credentials and review their code. Vercel traced the intrusion to a compromised Google Workspace connection via the third-party AI tool Context.ai, which an employee used.<\/p>\n Mythos belongs to a new class of AI systems built to simulate adversaries. Instead of scanning for known bugs, it explores how protocols interact<\/a>, testing how small weaknesses can be combined into real-world exploits. That approach has drawn attention beyond crypto. Banks like JP Morgan are increasingly treating AI-driven cyber risk as systemic and are exploring tools like Mythos for stress testing<\/a>. Earlier this month, Coinbase and Binance both reportedly approached Anthropic<\/a> to test Mythos.<\/p>\n Early findings from models like Mythos have identified weaknesses in the behind-the-scenes systems that keep crypto platforms secure, including the technology that protects keys and handles communication between systems.<\/p>\n \u201cI think there are two areas where AI models are especially valuable,\u201d Vijender said. \u201cFirst, multi-step exploit chains that historically only get discovered after money is lost. Second, infrastructure-layer vulnerabilities that traditional audits never touch.\u201d<\/p>\n That shift matters in a system built on composability, where DeFi protocols can connect and build on each other\u2019s services.<\/p>\n DeFi protocols are designed to interconnect. They share liquidity, rely on common oracles, and interact through layers of integrations that are difficult to map in full. That interconnectedness has driven growth, but it also creates pathways for risk to spread, as seen in recent bridge exploits<\/a> like the Hyperbridge attack, in which an attacker minted $1 billion worth of bridged Polkadot tokens on Ethereum by exploiting a flaw in how cross-chain messages were verified.<\/p>\n \u201cComposability is what makes DeFi capital efficient and innovative,\u201d Vijender said. \u201cBut it also means a minor vulnerability in one protocol can become a critical exploit vector with contagion potential across the ecosystem.\u201d<\/p>\n Without AI, those dependencies are hard to trace. With AI, they can be mapped and exploited at scale. The result is a shift from isolated exploits to systemic failures that cascade across protocols.<\/p>\n Evolution of AI attacks<\/p>\n Still, some industry leaders see Mythos as an acceleration rather than a turning point.<\/p>\n At Aave Labs, founder Stani Kulechov said AI reflects the dynamics already at play in DeFi\u2019s adversarial environment.<\/p>\n \u201cWeb3 is no stranger to well-funded and motivated adversaries,\u201d he told CoinDesk. \u201cAI models represent an evolution in the tools used to achieve exploits.\u201d<\/p>\n From that perspective, DeFi is already built for machine-speed attacks. Smart contracts execute automatically, and defenses such as liquidation mechanisms and risk parameters operate without human intervention.<\/p>\n \u201cDeFi operates at compute speed, so AI doesn\u2019t introduce a new dynamic,\u201d Kulechov said. \u201cIt intensifies an environment that has always required constant vigilance.\u201d<\/p>\n Even so, Aave is seeing AI surface new categories of vulnerabilities, including issues that human auditors may have previously deprioritized.<\/p>\n \u201cThe Mythos paper shows that AI can uncover old bugs that were previously deprioritized,\u201d he said.<\/p>\n That breadth still matters in a system where even smaller vulnerabilities can undermine trust or be combined into larger exploits.<\/p>\n If attackers can move faster, the question becomes whether defenses can keep pace.<\/p>\n For both Gauntlet and Aave, the answer lies in changing the security model itself. Audits before deployment and monitoring after were designed for human-paced threats. AI compresses that timeline.<\/p>\n \u201cTo defend against offensive AI, we will need to take an AI-centric approach where speed and continuous adaptation are essential,\u201d Vijender of Gauntlet said. That includes continuous auditing, real-time simulation, and systems built with the assumption that breaches will happen.<\/p>\n A ‘greater way’<\/p>\n Aave has already integrated AI into its workflows, using it for simulations and code review alongside human auditors. \u201cWe take an AI-first approach where it adds clear value,\u201d Kulechov of Aave Labs said. \u201cBut it complements, rather than replaces, human-led auditing.\u201d<\/p>\n In that sense, AI equips both attackers and defenders.<\/p>\n For builders, the long-term effect may be less disruption than divergence.<\/p>\n