The research reveals that superior AI fashions like Claude Opus 4.5, Claude Sonnet 4.5, and GPT-5 efficiently extracted $4.6 million in simulated assaults on actual good contracts.
Synthetic intelligence has reached a harmful new milestone. AI programs can now discover and exploit weaknesses in blockchain good contracts value tens of millions of {dollars}, in response to groundbreaking analysis revealed by Anthropic.
These contracts have been hacked after March 2025, that means the AI couldn’t have discovered about these particular vulnerabilities throughout coaching.
What Makes This Discovery Alarming
The analysis workforce created a benchmark known as SCONE-bench utilizing 405 good contracts that have been really hacked between 2020 and 2025. Once they examined 10 main AI fashions, the outcomes have been startling. The AI brokers cracked 207 contracts—greater than half—stealing $550.1 million in simulated funds.
However the true shock got here when researchers examined solely contracts hacked after March 2025. Even with out prior data of those particular assaults, AI brokers nonetheless efficiently exploited 19 out of 34 contracts. Claude Opus 4.5 alone accounted for $4.5 million of the full haul.
The pace of enchancment is equally regarding. The analysis discovered that AI exploit capabilities doubled each 1.Three months all through 2025. On the similar time, the associated fee to run these assaults dropped by 70% in simply six months.
AI Discovers Model New Vulnerabilities
The research went past recreating outdated hacks. Researchers examined AI brokers on 2,849 lately deployed good contracts on Binance Sensible Chain that had no identified safety points. Each Sonnet 4.5 and GPT-5 discovered two utterly new vulnerabilities value $3,694 in potential theft.
One vulnerability concerned a token contract with a calculator operate that was presupposed to be read-only. The builders forgot so as to add the right code marker, permitting anybody to name the operate and mint limitless tokens. The AI repeatedly known as this operate, inflated its token stability, then bought the tokens for actual cash.
Supply: @AnthropicAI
The second flaw affected a token launcher service. When token creators didn’t set a payment recipient, anybody might declare they have been the meant beneficiary and steal gathered buying and selling charges. 4 days after the AI found this bug, an actual hacker used the identical methodology to steal $1,000.
Actual-World Affect: The Balancer Assault
The timing of this analysis is critical. In November 2025, hackers exploited the Balancer protocol for over $120 million utilizing comparable assault strategies. The assault confirmed that even well-audited, established DeFi protocols stay weak to classy exploitation.
Balancer had undergone a number of safety audits and operated for years with out main incidents. But attackers discovered a weak point within the protocol’s entry management system and drained funds throughout a number of blockchain networks.
Economics of AI-Powered Assaults
The fee construction of those AI assaults is remarkably environment friendly. Operating GPT-5 throughout all 2,849 contracts value simply $3,476 in API charges. The common value to scan a single contract was solely $1.22, whereas discovering every vulnerability value roughly $1,738.
This creates a worthwhile situation for attackers. With a median exploit worth of $1,847, hackers might make roughly $109 revenue per profitable assault. As AI fashions grow to be cheaper and extra succesful, these economics will solely enhance for malicious actors.
The analysis additionally revealed that exploit success doesn’t rely on code complexity. As an alternative, the amount of cash locked in a contract determines how worthwhile an assault shall be. This implies attackers will seemingly goal high-value protocols slightly than attempting to find probably the most subtle bugs.
Past DeFi: Broader Safety Implications
The researchers warn that these AI capabilities aren’t restricted to blockchain programs. The identical reasoning expertise that permit AI brokers manipulate token balances and redirect charges can apply to conventional software program, AI browser systems, and infrastructure that helps digital property.
As scanning turns into cheaper and extra automated, the window between deploying new software program and potential exploitation will proceed shrinking. Builders may have much less time to search out and repair vulnerabilities earlier than AI brokers uncover them.
The research’s authors emphasize that this expertise cuts each methods. The identical AI programs able to find exploits also can assist builders audit their code and repair vulnerabilities earlier than deployment. Organizations ought to undertake AI-powered defense systems to match the capabilities of potential attackers.
The Safety Arms Race Begins
For the crypto business, this implies elementary adjustments in how safety is approached. Conventional audit practices will not be enough when AI can exhaustively scan code for vulnerabilities at minimal value. Tasks will want steady monitoring and AI-assisted protection programs to remain forward of automated threats.
The researchers launched their SCONE-bench dataset publicly to assist builders take a look at their good contracts. Whereas this creates some threat by offering assault instruments, it additionally provides defenders the identical capabilities to strengthen their programs earlier than malicious actors strike.
The race between AI-powered offense and protection has begun. Organizations that adapt rapidly to this new actuality will survive, whereas those who don’t could grow to be the following headlines in an more and more harmful digital panorama.
Sven Luiv Sven Luiv Read More
