
Anthropic's New AI Model Could Execute DeFi Exploits at Machine Speed

AI-powered cyber attack diagram showing machine-speed vulnerability scanning targeting DeFi protocols

Anthropic released Claude Fable 5 on Tuesday, and within hours, crypto security researchers started asking an uncomfortable question: what happens when the industry’s billion-dollar attack surface meets an AI that can scan code faster than any human team?

The new model is the first public release in Anthropic’s Mythos class, which the company describes as its most powerful yet. Powerful enough, apparently, that Anthropic split it into two versions. The public Claude Fable 5 includes stronger reasoning and coding abilities while attempting to block dangerous uses. A less restricted variant, Claude Mythos 5, is available only to vetted cybersecurity and critical infrastructure users because it can find and chain zero-day vulnerabilities into working attacks.

DeFi has already hemorrhaged more than $840 million to exploits in 2026’s first five months. The uncomfortable truth emerging from this week’s AI release is that the industry’s defenses may not be ready for adversaries who think at machine speed.

The Speed Problem Anthropic Cannot Solve

Anthropic built safety filters into Fable 5. The system tries to detect high-risk requests and routes them to a weaker model, Claude Opus 4.8. According to the company, this fallback triggers in fewer than 5% of sessions. More than 1,000 hours of external bug-bounty testing found no universal bypass.

But Anthropic is refreshingly honest about the limits. The company acknowledged in a blog post that the system is unlikely to be foolproof and that it expects motivated attackers to keep trying. “The uplift from Mythos-level capabilities is valuable to many adversaries,” the firm wrote, noting that those who could financially gain from cyberattacks will be “motivated to try to circumvent our safety measures.”

Charles Guillemet, chief technology officer at hardware-wallet maker Ledger, put it more bluntly in an email to CoinDesk. “Current AI guardrails raise friction,” he said. “They are not a reliable control against a determined adversary.”

The distinction matters. Safety filters that slow down casual misuse do nothing against a state-sponsored group or a financially motivated criminal operation willing to invest time in bypasses. And in crypto, the payoff for a successful bypass can be nine figures.

Why Crypto Is Uniquely Vulnerable

Guillemet’s core insight is that the threat from AI models like Fable 5 is not about inventing novel attack vectors. The danger lies in acceleration. A reasoning model can “diff every commit, grep every config, and enumerate every misconfiguration at machine speed,” he said, referring to standard software development tasks that human security auditors perform manually.

Consider what that means practically. A human auditor might take weeks to review a protocol’s codebase, identify potential weak points, trace the logic of multi-signature schemes, and construct a viable exploit path. An AI operating at machine speed could potentially compress that timeline to hours or less.

Crypto amplifies this risk because software failure converts to financial loss almost instantly. In traditional finance, a discovered vulnerability might allow unauthorized account access, but extracting funds typically requires navigating banking rails, compliance checks, and reversible transactions. In DeFi, a successful exploit can drain a protocol’s entire treasury in a single block. The derivatives markets and lending protocols that form the backbone of decentralized finance are particularly exposed because they hold concentrated liquidity.

April 2026 saw over $600 million in DeFi losses alone, making it the worst single month on record for the decentralized finance industry.

The Human Error Pattern

Here is the uncomfortable data point that makes the AI threat even more concerning: this year’s largest DeFi losses did not come from sophisticated smart-contract exploits. They came from human error and operational failures.

DefiLlama data shows more than $840 million lost in the first five months of 2026. The two biggest incidents tell a story that should worry anyone assuming smart-contract audits will save them.

A North Korea-linked group drained approximately $285 million from Drift Protocol, but they did not find a clever contract bug. They ran a six-month social-engineering campaign until they won admin access. The attack required patience, deception, and eventually compromised credentials, not a zero-day vulnerability.

The second-largest incident saw roughly $292 million siphoned from Kelp DAO through a single-verifier flaw. Again, not a contract bug in the traditional sense, but an operational architecture weakness that allowed an attacker to bypass intended security controls.

Bar chart showing 2026’s largest DeFi exploits including Kelp DAO at $292M, Drift Protocol at $285M, and Humanity Protocol at $30M

On Tuesday itself, Humanity Protocol lost over $30 million when a hacker gained access to three of six private keys stored on a single employee’s laptop. No AI-generated exploit code required. Just a compromised endpoint.

The pattern is clear. The largest losses stem from social engineering, bad signing flows, exposed keys, and human error. These are exactly the categories where an AI reasoning model could provide massive uplift to attackers without ever writing a line of malicious smart-contract code.

What Fable 5 Changes for Attackers

A model like Fable 5 does not need to hand over a finished exploit to be dangerous. Guillemet’s analysis suggests the value comes from reconnaissance and optimization at speeds humans cannot match.

Imagine an attacker targeting a mid-sized DeFi protocol. Today, they might spend weeks researching the team, mapping the organizational structure, identifying employees with privileged access, finding social media footprints, and crafting personalized phishing approaches. An AI assistant could compress the research phase dramatically, cross-referencing public information, identifying the most vulnerable entry points, and even drafting convincing social-engineering messages.

Or consider the technical reconnaissance phase. An attacker wants to know if a protocol’s multi-signature wallet has any operational weaknesses. Human analysis might involve reading documentation, tracing on-chain transactions, and building a mental model of how signing ceremonies actually work. A reasoning AI could parse the same information in minutes, flagging anomalies like inconsistent signing patterns, single points of failure in key storage, or time windows when the number of required signers drops due to availability issues.

The market implications are significant. Protocols that assumed their security posture was adequate because human attackers would need months to find weaknesses may discover that timeline has collapsed to days.

The Filter Fallacy

Anthropic’s approach to safety is not naive. The company explicitly designed different access tiers, restricting the most capable version to vetted security professionals. The public model routes suspicious requests to a weaker backend. Over 1,000 hours of adversarial testing found no universal jailbreak.

But the company’s own language reveals the limits of this approach. Anthropic said it expects determined, well-funded attackers to keep trying because the capability is valuable. The firm explicitly acknowledged the filters are “not a reliable control against a determined adversary.”

This creates an asymmetric situation. Defensive security teams get access to powerful AI tools that can help them find vulnerabilities first. But attackers operate without oversight, can afford to invest time in bypass techniques, and only need to succeed once. The economics favor offense.

The crypto industry’s track record suggests most protocols will not invest sufficiently in AI-augmented defense before attackers demonstrate AI-augmented offense. The fear and greed index may capture market sentiment, but it does not capture the growing technical risk beneath the surface.

Preparing for Machine-Speed Adversaries

What can protocols actually do? The pattern in 2026’s largest exploits points toward operational security rather than smart-contract hardening.

Key management practices need to assume that attackers can identify and target key holders faster than before. The Humanity Protocol breach involved three of six keys on a single laptop. That operational setup might have seemed acceptable when human reconnaissance took months. It becomes indefensible when AI can map an organization’s key management topology in days.
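One way to audit the key-concentration problem described above is to compute how few endpoints an attacker must compromise to reach a signing quorum. This is an added example, not code from the article or from any protocol it names. The inventories, endpoint names and the threshold of 3 are constructed assumptions, since the article does not state the quorum.

```python
from itertools import combinations

def min_endpoints_to_quorum(custody, threshold):
    """Smallest set of endpoints whose combined keys reach the threshold.

    custody maps endpoint name -> set of key ids stored there.
    Returns (count, endpoints), or (None, ()) if the quorum is unreachable.
    Brute force over subsets, which is fine for signer sets of this size.
    """
    endpoints = sorted(custody)
    for size in range(1, len(endpoints) + 1):
        for combo in combinations(endpoints, size):
            # Union, not sum: a key copied to two places still counts once.
            keys = set().union(*(custody[e] for e in combo))
            if len(keys) >= threshold:
                return size, combo
    return None, ()

def audit(custody, threshold):
    """Pass only if reaching quorum takes as many endpoints as signatures."""
    count, path = min_endpoints_to_quorum(custody, threshold)
    return {
        "endpoints_to_quorum": count,
        "weakest_path": path,
        "ok": count is not None and count >= threshold,
    }

# Constructed sample inventories; THRESHOLD = 3 is an assumption.
THRESHOLD = 3
CONCENTRATED = {            # three of six keys on one laptop
    "laptop-A": {"k1", "k2", "k3"},
    "hsm-1": {"k4"},
    "hsm-2": {"k5"},
    "phone-B": {"k6"},
}
SEPARATED = {f"hw-{i}": {f"k{i}"} for i in range(1, 7)}   # one key per device
WITH_BACKUP = dict(SEPARATED, **{"backup-drive": {"k1", "k2"}})  # shared backup

if __name__ == "__main__":
    for name, inventory in [("concentrated", CONCENTRATED),
                            ("separated", SEPARATED),
                            ("with-backup", WITH_BACKUP)]:
        print(name, audit(inventory, THRESHOLD))
```

The third inventory shows why backups belong in the same audit: a single drive holding copies of two keys lowers the cost of reaching quorum from three endpoints to two, even though every live signer has its own device.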

Signing flows need adversarial review with AI-capable opponents in mind. If a protocol’s multi-sig has time windows where effective control drops to fewer signers, AI-augmented attackers will find those windows faster.

Social-engineering defenses need to improve. The Drift Protocol attack took six months of patient relationship building. AI tools that can help attackers craft more convincing, more personalized approaches could compress that timeline. Protocols need out-of-band verification for any privileged access changes, period.

The guides on seed phrase security and hardware wallet comparisons matter more now than ever for individual holders. Institutional-grade key management matters even more for protocols holding user funds.

Anthropic’s Fable 5 release lands in a crypto market that lost $840 million in five months largely through human error, not contract bugs. The next billion-dollar hack may not require a novel exploit. It may just require an attacker who can find the existing weaknesses faster than defenders can fix them.

Bottom line
Anthropic’s Claude Fable 5 may not invent new crypto exploits, but security experts warn it could compress attack timelines from months to days. With $840 million already lost to human-error exploits in 2026, DeFi’s biggest vulnerability is not its code but its operational security.

Nothing in this article constitutes investment advice. Cryptocurrency carries risk; always do your own due diligence.

Frequently asked questions

What is Claude Fable 5 and why does it matter for crypto?

Claude Fable 5 is Anthropic’s newest AI model with advanced reasoning and coding capabilities. For crypto, it matters because it can scan code, identify misconfigurations, and potentially construct exploits at speeds no human can match, making DeFi protocols more vulnerable to attacks.

How much has DeFi lost to hacks in 2026?

DeFi protocols have lost more than $840 million to hacks in the first five months of 2026, according to DefiLlama data. April alone accounted for over $600 million, making it the worst month on record for decentralized finance.

Can AI safety filters prevent crypto hacks?

Not reliably. According to Ledger’s CTO Charles Guillemet, current AI guardrails raise friction but are not a reliable control against a determined adversary. Anthropic itself acknowledges that well-funded attackers will keep trying to circumvent safety measures.

What is Claude Mythos 5 and who can access it?

Claude Mythos 5 is the less restricted version of Anthropic’s new AI, available only to vetted users in cybersecurity and critical infrastructure. It can find and chain zero-day vulnerabilities, turning bugs into working attacks.

What were the biggest DeFi hacks in 2026?

The two largest incidents were a $285 million exploit of Drift Protocol through a six-month social engineering campaign by a North Korea-linked group, and a $292 million theft from Kelp DAO through a single-verifier flaw. Neither required sophisticated smart-contract exploits.

Will AI create new types of crypto hacks?

Security experts say probably not. The shift is less about AI inventing new kinds of hacks and more about dramatically reducing the time needed to find weaknesses. A reasoning model can scan commits, grep configurations, and enumerate misconfigurations at machine speed.