
DeFi lost $840M in 2024's first five months. Anthropic's new Claude Fable 5 model can accelerate the scouting phase of an attack, turning days of exploit prep into hours.
Anthropic released Claude Fable 5 on Tuesday, its most powerful public reasoning model, alongside a restricted version called Claude Mythos 5 for cybersecurity teams. The company says Mythos can find and chain zero-day vulnerabilities – software flaws no one has seen before – and turn a bug into a working exploit. For crypto markets, the timing is stark.
DeFi protocols lost more than $840 million to hacks in the first five months of this year, DefiLlama data shows. April alone accounted for $600 million, the worst month on record. The two largest incidents – a $285 million drain from Drift Protocol and a $292 million theft from Kelp DAO – did not rely on smart-contract exploits. They used social engineering and key compromise. A third hit on Tuesday: Humanity Protocol, a decentralized identity service, lost over $30 million after a hacker gained access to three of six private keys on one employee's laptop.
Charles Guillemet, chief technology officer at hardware-wallet maker Ledger, said AI's main contribution is not inventing new attack types but accelerating the reconnaissance phase. “A reasoning model can diff every commit, grep every config, and enumerate every misconfiguration at machine speed,” he said in an email. The core vulnerabilities remain familiar: weak signing flows, exposed private keys, human error.
Anthropic acknowledges the system is not foolproof. In a blog post, the company said fewer than 5% of session requests trigger a fallback to a weaker model, Claude Opus 4.8. Even after more than 1,000 hours of bug-bounty testing, researchers found no universal way to bypass the guardrails. The company expects well-funded attackers to keep trying because the payoff is large. “The uplift from Mythos-level capabilities is valuable to many adversaries – for instance, those who could financially gain from cyberattacks – and we therefore expect them to be motivated to try to circumvent our safety measures,” the firm said.
Guillemet argued that current AI safeguards only raise friction, not eliminate risk. “They are not a reliable control against a determined adversary,” he said. The economics of an attack shift when the scouting phase runs at machine speed. A model does not need to hand over a finished exploit to change the timeline. It can scan public repositories, compare old versions of software, summarize audit reports, and draft convincing messages to find small operational mistakes humans miss.
A defender has to secure every key path, every dependency, every signing flow, every privileged account. Because AI accelerates the scouting phase, the final signing step becomes more important. Private keys need to sit somewhere a compromised laptop cannot reach, and users need a trusted screen that shows what they are actually approving. “The only real exit is a hardware root of trust: private keys generated and kept on a certified secure element, with a trusted display and Clear Signing,” Guillemet said.
The same techniques work defensively. Pendle, a DeFi yield protocol, said it has used Anthropic's models since the first version of Claude Opus. The team uses AI to map its codebase and stress-test contracts, including freshly deployed ones. Smart contracts themselves are relatively simple – short code with about a dozen entry points – and good auditors can already hold the full state in their heads, Pendle's developers said. The bigger concern is the infrastructure around the contract.
The next major crypto hack will probably not look new. It will involve the same poisoned dependency package, the same fooled developer, or the same bad signing flow that DeFi already knows. It will just happen sooner.
Prepared with AlphaScala editorial tooling from the source reporting linked above. Indexable analysis may include a cited Alpha Score value. Publishing checks screen each story before release. Educational coverage, not personalized advice.