Anthropic has developed an AI model that finds critical software vulnerabilities that went undiscovered for 27 years, creating a significant new systemic risk for the $200 billion decentralized finance (DeFi) ecosystem.
The company noted that "mitigations whose security value comes primarily from friction rather than hard barriers may become considerably weaker against model-assisted adversaries."
The model, Claude Mythos Preview, found a 27-year-old bug in the security-focused OpenBSD operating system at a compute cost of less than $50, and built a working exploit for a known Linux vulnerability in under a day for less than $2,000.
The discovery of flaws in implementations of core cryptographic protocols such as TLS and SSH directly threatens the open-source foundation on which DeFi protocols on Ethereum and Solana are built, suggesting that defenses like audits and multisig wallets may be insufficient against AI-driven attacks.
A New Class of Automated Threat
Claude Mythos Preview has demonstrated a capability that surpasses existing automated tools and, in some cases, decades of human security research. It uncovered a 16-year-old flaw in the widely used FFmpeg video software that had been scanned five million times by other tools without detection. This stands in stark contrast to theoretical threats like quantum computing, as the Mythos model is already operational. Its ability to rapidly find and weaponize flaws in software that protects user funds presents an immediate and tangible risk.
Friction-Based Defenses Under Fire
The threat is particularly acute for the DeFi sector, where protocol code is open source and readable by anyone, including an AI operating at machine speed. The roughly $200 billion locked in smart contracts has been vetted by human audits and automated scanners, but Anthropic claims its model operates beyond the capabilities of both. This calls into question the effectiveness of common security measures in crypto, such as requiring multiple signatures for transactions (multisig), imposing time delays (timelocks), and relying on audit reports as proof of security. These "friction-based" defenses are designed to slow down attackers, not to stop a threat that can analyze and exploit code at near-zero marginal cost.
While the DeFi market, measured by the CoinDesk DeFi Select Index, has gained 7% on unrelated macroeconomic news, this development introduces a significant, unpriced risk. Investors may need to re-evaluate protocol security beyond standard audits. The divergence between protocols with hard-coded security and those reliant on friction could become a key performance driver. The model is currently restricted to 40 companies, including Google and Microsoft, under 'Project Glasswing,' which delays but does not eliminate the public threat.
This article is for informational purposes only and does not constitute investment advice.