Assets
Crypto Deposit
Fiat Deposit
Convert
Transfer
Withdraw
My vouchers
Fund history
Dashboard
Account Security
Identity verification
API Management
Transaction Report
Log out
Register
BTCC / BTCC Square / coincentral /
Anthropic AI Agents Drain $4.6 Million in Blockchain Security Test—Here’s What It Means

Anthropic AI Agents Drain $4.6 Million in Blockchain Security Test—Here’s What It Means

Author:
coincentral
Published:
2025-12-02 15:03:07
23
1

Anthropic AI Agents Steal $4.6 Million in Blockchain Exploit Tests

AI doesn't just write code—it cracks it. In a controlled security demonstration, autonomous agents built on Anthropic's technology successfully exploited blockchain vulnerabilities, walking away with a cool $4.6 million in simulated assets. The test wasn't a heist but a stark warning shot across the bow of the entire decentralized finance ecosystem.

The Anatomy of an AI-Powered Attack

Forget script kiddies and sophisticated hacker collectives. The next frontier of digital theft is autonomous, adaptive, and alarmingly efficient. These AI agents didn't follow a pre-written playbook; they probed, they learned, and they identified weaknesses in smart contract logic that human auditors might have missed. They moved funds through a series of complex, obfuscated transactions—a digital shell game executed at machine speed.

Why This Test Changes the Security Calculus

The $4.6 million figure isn't just a headline grabber—it's a precise benchmark of systemic risk. It proves that the threat is no longer theoretical. Protocol developers now face adversaries that can operate 24/7, testing thousands of attack vectors simultaneously. This shifts security from a periodic audit to a continuous, real-time arms race. The old 'move fast and break things' mantra just got a dangerous, AI-powered co-pilot.

A Bullish Paradox: Stress Tests Breed Strength

For the crypto-native, this isn't cause for panic—it's a necessary fire drill. Every major exploit, from The DAO to more recent bridge hacks, has ultimately forced the industry to harden its defenses. This AI test is simply the next, more advanced iteration of that pressure test. It exposes flaws before real criminals can, pushing developers to build more resilient, formally verified code. Think of it as a brutally expensive QA process—funded by hypothetical losses instead of venture capital. After all, what's a few million in simulated funds compared to the trillions in future market cap a more secure infrastructure unlocks?

The bottom line? The tech works, spectacularly. The silver lining? It worked for the good guys first. The next wave of billion-dollar protocols will be the ones built with AI both as a co-developer and as the primary, relentless attacker in their testing suite. The foxes are now designing the henhouse—and that might just be the best security upgrade yet. Just another day in finance, where the best way to protect a vault is to hire the world's smartest lockpick.

TLDR

  • Anthropic’s AI agents discovered and exploited vulnerabilities in blockchain code, simulating a theft of $4.6 million.
  • The tests focused on real-world smart contracts across Ethereum, Binance Smart Chain, and Base from 2020 to 2025.
  • Anthropic introduced a new benchmark called SCONE-bench to measure exploits by the dollar amount stolen rather than the number of bugs detected.
  • In total, AI agents broke into 207 contracts, pulling $550.1 million in simulated theft across 405 tested contracts.
  • Opus 4.5, Sonnet 4.5, and GPT-5 led the attack, with Opus 4.5 alone stealing $4.5 million from 17 contracts.

Anthropic’s recent research reveals that its AI agents were able to exploit vulnerabilities in blockchain code, stealing $4.6 million from simulated contracts. The company’s tests tracked real smart contract attacks across Ethereum, Binance Smart Chain, and Base, spanning from 2020 to 2025. These findings underscore the growing threat of AI-driven cyberattacks targeting blockchain systems.

Anthropic AI Agents Steal $4.6 Million in Tests

Anthropic’s tests focused on smart contracts, which power cryptocurrency transactions without human intervention. Every flaw in the code is a potential gateway for theft, as all contract lines are publicly available. In one test, AI agents discovered and exploited bugs within an hour, leading to millions in simulated losses.

The company used a new benchmark, SCONE-bench, to measure the dollar amounts stolen during the simulated attacks. “We are focused on the monetary impact rather than just the number of bugs detected,” Anthropic explained. The agents worked under a strict timeline, with one hour to find a flaw, exploit it, and surpass a set crypto balance threshold.

Across 405 contracts tested, 51.1% were successfully compromised. In total, the AI agents pulled $550.1 million in simulated theft. Of the frontier models tested, Opus 4.5, Sonnet 4.5, and GPT-5 were able to exploit 19 contracts, stealing $4.6 million. Opus 4.5 led the charge, pulling $4.5 million alone.

Uncovering New Exploits with AI Agents

Anthropic also pushed its AI agents to identify new, previously unknown vulnerabilities in live contracts. Using contracts deployed on Binance Smart Chain between April and October 2025, the AI agents uncovered two zero-day flaws. These new vulnerabilities netted $3,694 in simulated revenue.

One flaw stemmed from a missing view tag in a public calculator function. The AI agents exploited this by inflating the token supply and selling them for a profit. “The flaw could have paid close to $19,000 during peak liquidity,” Anthropic noted.

The second flaw involved broken fee handling in a token launcher. The AI agents exploited this by withdrawing trading fees, resulting in a real-world attack that drained around $1,000. Within four days, the bug was fixed after the AI discovered it, illustrating the speed at which vulnerabilities can be exploited.

Cost and Efficiency of AI Exploits

The research also analyzed the cost-effectiveness of using AI for blockchain attacks. A full scan by GPT-5 across 2,849 contracts averaged $1.22 per run. Detecting each vulnerable contract cost $1,738, with average exploit revenue reaching $1,847. The net profit from these exploits averaged $109 per run.

As technology improves, the cost of performing AI-driven exploits continues to decrease. “Over the past year, the cost of executing a successful exploit has dropped by more than 70%,” Anthropic stated. This reduction has made it increasingly easier for attackers to scale their operations, pulling 3.4 times more exploits for the same amount of compute power.

These findings show how quickly AI agents can detect, exploit, and profit from vulnerabilities in smart contracts. The research also highlights the financial incentives driving these attacks, as well as the increasing sophistication of AI-driven cybercrime.

|Square

Get the BTCC app to start your crypto journey

Download on the App Store GEI IT ON Google Play

Get started today Scan to join our 100M+ users

Exchange for a better future

Products
Services
Guides
About Us
Terms & Agreement
Customer Service

Risk warning: Digital asset trading is an emerging industry with bright prospects, but it also comes with huge risks as it is a new market. The risk is especially high in leveraged trading since leverage magnifies profits and amplifies risks at the same time. Please make sure you have a thorough understanding of the industry, the leveraged trading models, and the rules of trading before opening a position. Additionally, we strongly recommend that you identify your risk tolerance and only accept the risks you are willing to take. All trading involves risks, so you must be cautious when entering the market.

The world’s longest-running cryptocurrency exchange since 2011 © 2011 - 2025 BTCC.com. All rights reserved

All articles reposted on this platform are sourced from public networks and are intended solely for the purpose of disseminating industry information. They do not represent any official stance of BTCC. All intellectual property rights belong to their original authors. If you believe any content infringes upon your rights or is suspected of copyright violation, please contact us at [email protected]. We will address the matter promptly and in accordance with applicable laws.BTCC makes no explicit or implied warranties regarding the accuracy, timeliness, or completeness of the republished information and assumes no direct or indirect liability for any consequences arising from reliance on such content. All materials are provided for industry research reference only and shall not be construed as investment, legal, or business advice. BTCC bears no legal responsibility for any actions taken based on the content provided herein.