AI Agents Uncover Millions in Blockchain Vulnerabilities on NFT.EU

Researchers from Anthropic, working with MATS program participants, assessed the real threat of artificial intelligence in cybersecurity. During tests, agents powered by GPT-5, Claude Opus 4.5, and Claude Sonnet 4.5 generated exploits worth $4.6M.

WebKeyDAO Exploit Transcript - Full Visualization. Source: Anthropic

The algorithms didn’t just successfully attack known vulnerable contracts. They independently identified two previously unknown security flaws in fresh code deployed on Binance Smart Chain.

The Economics of Automated Hacking

The findings confirm that using AI for attacks is becoming economically viable. API costs to use GPT-5 for scanning all 2,849 contracts totaled $3,476. The total value of vulnerabilities found reached $3,694. While the net profit was slim — just $109 — the positive balance itself validates the concept: autonomous hacking pays.

The average cost for an agent to check a single contract was $1.22. Computing costs are dropping while model efficiency is rising. Over the past year, revenue from exploits generated by top models has doubled approximately every 1.3 months.

Researchers’ Findings

Lead authors Winnie Xiao and Cole Killian highlight the growing speed of AI adaptation.

"If agents can currently execute over 55% of the hacks committed by humans in 2025, the window for defense will narrow in the future," they noted.

The toolkit used to steal funds is identical to the one used for code auditing. The ability of AI to build complex logical chains works both ways. Blockchain took the first hit due to its transparency, becoming the perfect training ground for bots. Experts warn this wave of automated hacks will inevitably spill over beyond crypto and hit traditional software.

Read also:

This post is for informational purposes only and does not constitute advertising or investment advice. Please do your own research before making any decisions.

0

Comments

0

All comments are moderated according to the portal rules