AI Agents Now Capable of Stealing Millions from Crypto Contracts, Groundbreaking Research Reveals

Published: 2025-12-02 20:30:18

Artificial intelligence just leveled up—and crypto security just got a whole lot more complicated. New research demonstrates that autonomous AI agents can systematically exploit vulnerabilities in smart contracts, siphoning off millions in digital assets with chilling efficiency. This isn't theoretical; it's a new, automated frontier in digital theft.

The Mechanics of an AI Heist

Forget the lone hacker in a hoodie. These AI agents operate like hyper-efficient, logic-driven bounty hunters. They scan blockchain networks, identify contract flaws—from reentrancy bugs to flawed logic gates—and execute complex, multi-step attacks autonomously. They don't sleep, they don't get greedy and make mistakes, and they can launch simultaneous assaults on a scale no human team could match. The research points to a future where the attacker isn't a person, but a piece of code with a single directive: extract value.

A Systemic Shock to DeFi's Foundation

The implications ripple far beyond a single hack. The entire promise of decentralized finance rests on trustless, immutable code. If that code can be reliably hunted and broken by AI, the foundational security model cracks. It forces a brutal reckoning: development and auditing practices built for human adversaries are now obsolete. The arms race has entered a new, accelerated phase, and the defensive side is playing catch-up—a classic tale of innovation outpacing regulation, just with higher stakes and fewer apologies.

The Looming Audit Crisis

This research is a flashing red alert for the multi-billion-dollar smart contract audit industry. Manual review and traditional testing suites may soon be as useful as a padlock on a screen door. The pressure is now on to develop AI-powered defensive audits that can think like the attacking agents—a meta-war of algorithms where the cost of security could skyrocket, inevitably passed on to the end-user. Another brilliant case of technological progress making everything more expensive.

The new reality is clear: the attack vectors are evolving faster than the defenses. While the crypto community debates the next meme coin, a silent, algorithmic war for the chain's treasury has already begun. The only question left is who will fund the winning side—the builders or the thieves? Sometimes, the most bullish signal for a technology is how desperately people try to break it and steal from it. After all, what's finance without a little creative destruction?

AI Agents Can Now Steal Millions From Crypto Contracts, New Research Shows

Artificial intelligence has reached a dangerous new milestone. AI systems can now find and exploit weaknesses in blockchain smart contracts worth millions of dollars, according to groundbreaking research published by Anthropic.

Some of the exploited contracts were hacked after March 2025, meaning the AI couldn’t have learned about these specific vulnerabilities during training.

What Makes This Discovery Alarming

The research team created a benchmark called SCONE-bench using 405 smart contracts that were actually hacked between 2020 and 2025. When they tested 10 leading AI models, the results were startling. The AI agents cracked 207 contracts—more than half—stealing $550.1 million in simulated funds.

But the real shock came when researchers tested only contracts hacked after March 2025. Even without prior knowledge of these specific attacks, AI agents still successfully exploited 19 out of 34 contracts. Claude Opus 4.5 alone accounted for $4.5 million of the total haul.

The speed of improvement is equally concerning. The research found that AI exploit capabilities doubled every 1.3 months throughout 2025. At the same time, the cost to run these attacks dropped by 70% in just six months.

AI Discovers Brand New Vulnerabilities

The study went beyond recreating old hacks. Researchers tested AI agents on 2,849 recently deployed smart contracts on Binance Smart Chain that had no known security issues. Both Sonnet 4.5 and GPT-5 found two completely new vulnerabilities worth $3,694 in potential theft.

One vulnerability involved a token contract with a calculator function that was supposed to be read-only. The developers forgot to add the proper code marker, allowing anyone to call the function and mint unlimited tokens. The AI repeatedly called this function, inflated its token balance, then sold the tokens for real money.
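A pre-deployment check for this class of oversight, as an added example that is not code from the research or from the affected project. It assumes the missing "code marker" is Solidity's `view` modifier (the article does not name it); the sample contract, its function names and the name-prefix list are constructed for illustration.

```python
import re

# Constructed Solidity sample (not the contract from the research).
SAMPLE_SOL = """
contract SampleToken {
    mapping(address => uint256) public balanceOf;

    // Meant as a read-only calculator, but the header has no `view`,
    // so the compiler accepts the balance write in the body.
    function calculateReward(uint256 amount) public returns (uint256) {
        uint256 reward = amount / 10;
        balanceOf[msg.sender] += reward;
        return reward;
    }

    function getRate() external view returns (uint256) { return 10; }

    function transfer(address to, uint256 amount) external returns (bool) {
        balanceOf[msg.sender] -= amount;
        balanceOf[to] += amount;
        return true;
    }
}
"""

# Name prefixes that suggest a read-only helper (assumed list; tune per codebase).
READONLY_NAME = re.compile(r"^(calc|compute|get|preview|quote|estimate)", re.I)
# Captures: name, parameter list, then everything between ")" and "{" or ";".
FUNC_HEADER = re.compile(r"\bfunction\s+(\w+)\s*\(([^)]*)\)([^{;]*)[{;]")

def strip_comments(src):
    src = re.sub(r"/\*.*?\*/", "", src, flags=re.S)
    return re.sub(r"//[^\n]*", "", src)

def unguarded_readonly_functions(src):
    """Return externally callable functions with read-only-style names
    whose header lacks `view`/`pure` (so state writes are not rejected)."""
    findings = []
    for m in FUNC_HEADER.finditer(strip_comments(src)):
        name, attrs = m.group(1), set(re.findall(r"\w+", m.group(3)))
        exposed = bool(attrs & {"public", "external"})
        enforced = bool(attrs & {"view", "pure"})
        if exposed and not enforced and READONLY_NAME.match(name):
            findings.append(name)
    return findings

if __name__ == "__main__":
    print(unguarded_readonly_functions(SAMPLE_SOL))
```

Once `view` is added to a flagged function, the Solidity compiler rejects any state write in its body, so the oversight surfaces as a compile error instead of shipping.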


The second flaw affected a token launcher service. When token creators didn’t set a fee recipient, anyone could claim they were the intended beneficiary and steal accumulated trading fees. Four days after the AI discovered this bug, a real hacker used the same method to steal $1,000.

Real-World Impact: The Balancer Attack

The timing of this research is significant. In November 2025, hackers exploited the Balancer protocol for over $120 million using similar attack methods. The attack showed that even well-audited, established DeFi protocols remain vulnerable to sophisticated exploitation.

Balancer had undergone multiple security audits and operated for years without major incidents. Yet attackers found a weakness in the protocol’s access control system and drained funds across multiple blockchain networks.

Economics of AI-Powered Attacks

The cost structure of these AI attacks is remarkably efficient. Running GPT-5 across all 2,849 contracts cost just $3,476 in API fees. The average cost to scan a single contract was only $1.22, while finding each vulnerability cost approximately $1,738.

This creates a profitable scenario for attackers. With an average exploit value of $1,847, hackers could make roughly $109 profit per successful attack. As AI models become cheaper and more capable, these economics will only improve for malicious actors.

The research also revealed that exploit success doesn’t depend on code complexity. Instead, the amount of money locked in a contract determines how profitable an attack will be. This means attackers will likely target high-value protocols rather than hunting for the most sophisticated bugs.

Beyond DeFi: Broader Security Implications

The researchers warn that these AI capabilities aren’t limited to blockchain systems. The same reasoning skills that let AI agents manipulate token balances and redirect fees can apply to traditional software, AI browser systems, and infrastructure that supports digital assets.

As scanning becomes cheaper and more automated, the window between deploying new software and potential exploitation will continue shrinking. Developers will have less time to find and fix vulnerabilities before AI agents discover them.

The study’s authors emphasize that this technology cuts both ways. The same AI systems capable of finding exploits can also help developers audit their code and fix vulnerabilities before deployment. Organizations should adopt AI-powered defense systems to match the capabilities of potential attackers.

The Security Arms Race Begins

For the crypto industry, this means fundamental changes in how security is approached. Traditional audit practices may not be sufficient when AI can exhaustively scan code for vulnerabilities at minimal cost. Projects will need continuous monitoring and AI-assisted defense systems to stay ahead of automated threats.

The researchers released their SCONE-bench dataset publicly to help developers test their smart contracts. While this creates some risk by providing attack tools, it also gives defenders the same capabilities to strengthen their systems before malicious actors strike.

The race between AI-powered offense and defense has begun. Organizations that adapt quickly to this new reality will survive, while those that don’t may become the next headlines in an increasingly dangerous digital landscape.
