AI is making crypto security cheaper, faster and harder to ignore

Reddit r/artificial News

Summary

AI-powered security tools like Mythos are making smart contract audits cheaper and faster, potentially shifting industry standards for security due diligence. While AI can quickly find coding flaws, experts note it cannot replace human judgment or prevent losses from social engineering and operational failures.

No content available
Original Article
View Cached Full Text

Cached at: 06/22/26, 01:36 AM

# AI is making crypto security cheaper, faster and harder to ignore Source: [https://www.coindesk.com/tech/2026/06/20/ai-is-making-crypto-security-cheaper-faster-and-harder-to-ignore](https://www.coindesk.com/tech/2026/06/20/ai-is-making-crypto-security-cheaper-faster-and-harder-to-ignore) ## As AI\-powered security tools become cheaper, faster and more widely available, researchers said they could reshape what the crypto industry considers reasonable due diligence before deploying code, potentially altering expectations for developers and institutions\. ![Hacker facing screens with lines of code (Boitumelo/Unsplash)](https://www.coindesk.com/_next/image?url=https%3A%2F%2Fcdn.sanity.io%2Fimages%2Fs3y3vcno%2Fproduction%2F6c28c3dcd5461d3803d6e6200f1da0686dde993f-1920x1082.jpg%3Fauto%3Dformat&w=3840&q=75) - The launch of AI\-powered security tools like Mythos could dramatically lower the cost of smart contract audits and enable continuous code reviews, potentially changing what the crypto industry considers reasonable security due diligence\. - While AI can help uncover coding flaws faster and more cheaply, some researchers said it cannot replace human judgment or prevent many of crypto's biggest losses, which often stem from social engineering, compromised credentials, and operational failures rather than smart contract bugs\. The release of Mythos, an AI system designed to autonomously[discover vulnerabilities in code](https://www.coindesk.com/tech/2026/04/25/how-anthropic-s-mythos-model-is-forcing-the-crypto-industry-to-rethink-everything-about-security), may do more than help blockchain developers find bugs\. As AI\-powered security tools become cheaper, faster and more widely available, researchers said they could reshape what the crypto industry considers reasonable due diligence before deploying code, potentially altering expectations for developers and institutions\. For years, smart contract security has been constrained by budgets\. Comprehensive audits often are costly, making AI systems like Mythos, which was briefly released earlier this month[before it was removed from the American market](https://www.cnn.com/2026/06/13/business/anthropic-mythos-model-national-security), dramatically cheaper\. "It pushes the price of a basic audit toward zero," said Alexander Urbelis, chief information security officer at ENS Labs\. Work that once required weeks and significant expense could eventually be completed in minutes, allowing projects that previously could not afford professional reviews to obtain fast security assessments\. For years, researchers have relied on automated tools known as fuzzers to hunt for software bugs by bombarding programs with inputs and observing what breaks\. AI systems take a different approach\. "It's a change in degree that could likely cause a change in kind," Urbelis said\. "Machines have hunted bugs for years\. But now we're talking about a fuzzer that has the capacity to reason\." Rather than simply identifying technical bugs, systems like Mythos could infer what code was intended to do and compare that against what it actually does\. In crypto, where smart contract code is public and bug bounties can have big budgets, that capability could significantly expand the industry's ability to identify vulnerabilities before launch\. David Schwed, COO of blockchain security firm SVRN and founder of the cybersecurity master's program at Yeshiva University, described the shift as even more significant\. "These models now operate the way a human attacker does," Schwed said\. "They iterate, they take the next step based on what they're seeing in real time\. The older tooling was just complicated deterministic flows\." But Schwed argued the bigger change may not be vulnerability discovery itself\. It may be the emergence of continuous security monitoring\. "The real shift is continuous auditing with suggested remediations at a fraction of the cost, instead of a point\-in\-time review you can only afford once," he said\. If security reviews become inexpensive and continuous, researchers said the industry's expectations could change alongside them\. Urbelis said he believes AI could eventually reshape the standard of care around smart contract development\. Historically, teams could point to the cost and complexity of audits as a reason certain reviews were not performed\. That argument becomes more difficult when sophisticated security analysis is available on demand\. "A clean AI report will be seen as no defense," he said\. "A plaintiff may well argue it the other way: the tool existed, it was cheap, and you should have caught it\." The prospect raises broader questions for the industry: if AI\-powered security reviews become ubiquitous, will investors expect them before funding projects, and could failing to run AI\-assisted audits eventually be viewed as negligence? Despite the technology's promise, neither researcher said he believes AI is poised to replace human auditors\. While machines excel at identifying coding flaws, Urbelis said they remain weaker at spotting the economic and incentive\-based vulnerabilities that have contributed to some of crypto's largest losses\. "The bugs that drain treasuries often turn on intent and adversarial incentives," he said\. "Those still need an experienced human in the room\." Schwed offered a similar warning\. "'Claude, audit my smart contract, make no mistakes' is not a security program," he said\. "If the person running the tool can't evaluate what comes back, you haven't bought security, you've bought a false sense of it\." But whether a system like Mythos could have prevented major hacks, both researchers noted that many of crypto's most costly incidents did not originate from smart contract vulnerabilities\. Urbelis pointed to the recent compromise of Drift, which he described as the[culmination of a months\-long social engineering campaign](https://www.coindesk.com/markets/2026/04/05/drift-says-usd270-million-exploit-was-a-six-month-north-korean-intelligence-operation)that targeted trusted contributors rather than the protocol's code\. "The smart contract did exactly what it was told," he said\. "The authority behind the instruction was what was compromised and abused\." Similarly, Schwed[cited incidents such as Ronin and Bybit](https://www.coindesk.com/business/2025/04/03/bybit-beefs-up-asset-security-following-usd1-45b-hack), where compromised keys and manipulated signing processes, rather than software vulnerabilities, played central roles\. "No code scanner stops an authorized signer from approving a transaction they can't verify," he said\. That reality suggests AI will not eliminate crypto's security challenges\. But the researchers argued it could fundamentally alter one part of the equation: the cost of finding bugs and the expectations surrounding their discovery\. ***Read more:[How Anthropic’s Mythos model is forcing the crypto industry to rethink everything about security](https://www.coindesk.com/tech/2026/04/25/how-anthropic-s-mythos-model-is-forcing-the-crypto-industry-to-rethink-everything-about-security)*** 1. 1 2. 2 3. 3 4. 4 5. 5 6. 6 7. 7 8. 8 9. 9 10. 10

Similar Articles

AI has another security problem

Lobsters Hottest

Article argues that AI-generated code and closed-source software are inherently less secure, and that LLMs like Anthropic’s Mythos will exacerbate vulnerabilities, making open-source projects the only trustworthy option.

AI is breaking two vulnerability cultures

Hacker News Top

AI is disrupting traditional vulnerability disclosure cultures (coordinated disclosure vs. bugs-are-bugs) by accelerating the detection and exploitation of security flaws, making long embargoes less effective and forcing a need for faster, AI-assisted responses.

Cybersecurity Looks Like Proof of Work Now

Simon Willison's Blog

The UK's AI Safety Institute's evaluation of Claude Mythos shows that AI-driven security vulnerability detection creates a new economic model where cybersecurity becomes a token-spending competition, incentivizing continuous investment in security reviews and making open-source libraries more valuable as shared security infrastructure.