
If a professional in the DeFi security field suddenly started advising friends and family to withdraw all their money from DeFi protocols like Aave and Compound, how would you read that?
This is not panic-driven speech. Manuel Aráoz, co-founder of OpenZeppelin, recently publicly expressed this stance. His reasoning is just one sentence: the asymmetry between offense and defense is intensifying at an unprecedented speed.
Data corroborates this intuition.
- In April 2025, the total amount stolen from DeFi was $630 million.
- Since mid-April, the total locked value in DeFi has decreased by 14%.
- TVL fell from $172 billion to $148 billion.
April's $630 million makes it the most devastating month since the $1.5 billion theft from Bybit in February 2025. Drift and Kelp DAO lost $285 million and $293 million respectively, with attribution pointing to North Korean hackers.
But what Aráoz really wants to convey is not "another hacking incident". He is talking about an underlying structural problem: "defenders need to fix every vulnerability, while attackers only need to succeed once. AI is giving attackers superhuman capabilities to discover vulnerabilities."
Asymmetric warfare has already begun
This sentence deserves careful consideration.
Traditional software security is already an asymmetric war: the defenders need to plug all the vulnerabilities, while attackers only need to find one gap. In DeFi, this asymmetry is magnified tenfold—once a smart contract is deployed, it is virtually unalterable, and funds are directly exposed to on-chain logical vulnerabilities. Anyone in the world can launch attacks at any time, and recovering the funds afterward is difficult.
The involvement of AI has provided attackers with an unprecedented weapon.
This is not a hypothetical threat. By the end of 2025, research confirmed that a compromised AI coding agent had carried out 80% to 90% of an autonomous network intrusion campaign against at least 30 organizations worldwide, with minimal human intervention. The era of AI offense is not "coming soon"; it has already arrived.
Claude Mythos may rewrite the situation
Against this backdrop, in April 2026, Anthropic trained a new model—Claude Mythos.
Independent testing by the UK AI Safety Institute (AISI) provided shocking numbers for the industry: in expert-level Capture The Flag (CTF) cybersecurity challenges, Mythos Preview achieved a success rate of 73%. Prior to April 2025, no AI model had accomplished such tasks.
Claude Mythos capability snapshot
- Vulnerability discovery: Turned up 181 usable vulnerabilities in a single test, covering all major operating systems and browsers, including multi-step browser sandbox escape chains.
- Attack simulation: Became the first AI model capable of executing an end-to-end simulation of a "32-step corporate network intrusion" attack chain.
- Zero-day vulnerabilities: Capable of independently discovering previously unknown software vulnerabilities, including flaws that had sat in those systems for 30 years.
- Capability benchmark: Two years ago, the best AI model barely completed beginner-level cybersecurity tasks; Mythos directly reached a level comparable to top human experts.
In the words of Turing Award winner and top global AI scientist Yoshua Bengio: this is "the first large-scale discovery of zero-day vulnerabilities in human history," and these vulnerabilities can be used to attack banking systems, government networks, medical infrastructure—and DeFi protocols.
But the story is only beginning to come into focus.
The same knife, held by the defenders
However, there is another side to this matter, and this side is equally important.
Alongside the launch of Mythos, Anthropic initiated a defensive plan called Project Glasswing: using Mythos to actively scan mainstream software for security vulnerabilities, identifying and fixing them before attackers exploit them. Within a month, Anthropic and 50 restricted partners identified over 10,000 high-risk vulnerabilities across mainstream software systems, covering more than 1,000 open-source projects.
Mozilla fixed 271 vulnerabilities discovered by Mythos in a single Firefox version update. Cloudflare identified 2,000 vulnerabilities in its critical infrastructure. A participating bank used Mythos to intercept a fraudulent wire transfer of $1.5 million—attackers had already compromised the customer's email and made a spoofed call, but AI detected it.
One particularly noteworthy detail: among the discoveries was CVE-2026-5194, a critical vulnerability in the security-oriented open-source cryptographic library WolfSSL, with a CVSS score of 9.1, allowing attackers to forge TLS certificates and theoretically affecting billions of IoT devices. Until its public disclosure, this vulnerability had sat quietly in the code, known to no one.
In other words, Mythos is not just an offensive weapon; it is also currently the strongest defensive scanning tool—the only question is, who will use it first.
What DeFi needs is not to withdraw but to upgrade
This logic holds true for DeFi as well.
Past security audits were a combination of "human + tools", requiring weeks to audit a complex protocol and leaving blind spots in coverage. AI audits can scan a larger body of code in a shorter time, uncovering logical vulnerabilities that humans might overlook. If defenders establish this capability first and proactively hunt for their own vulnerabilities, they stop being purely reactive targets.
This is an arms race, but it is not one-sided.
Potential value of AI defense systems for DeFi
- Continuous audit layer: AI scans protocol code around the clock, automatically rerunning audit logic after each contract update, compressing the security response window from "weekly" to "hourly."
- On-chain anomaly monitoring: Similar to intercepting fraudulent wire transfers, identifying abnormal trading patterns and triggering stop mechanisms before attacks fully unfold.
- White-hat capability equalization: When AI tools are made available to community security researchers, the ability to find vulnerabilities will no longer be exclusive to nation-state hackers, and DeFi's defenses can truly extend down into the community.
- Narrative opportunities in the security race: AI-driven on-chain security infrastructure is itself the next Web3 narrative to watch—whoever first introduces Mythos-level capabilities into DeFi's defensive system will define the next generation of security standards.
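As an illustration of the on-chain anomaly monitoring idea above (added here; it is not code from the article or from any named protocol), a simplified off-chain circuit breaker that watches a stream of withdrawal events and trips when outflow within a sliding time window exceeds a set fraction of TVL. The event fields, thresholds and sample events are constructed assumptions.

```python
from collections import deque
from dataclasses import dataclass


@dataclass
class Withdrawal:
    timestamp: int       # unix seconds (constructed field name)
    amount_usd: float    # value leaving the pool in USD


class OutflowCircuitBreaker:
    """Trips when withdrawals inside the last `window_s` seconds exceed
    `max_fraction` of the pool's baseline TVL. Hypothetical design, not
    any protocol's real pause-guardian logic."""

    def __init__(self, tvl_usd, window_s=600, max_fraction=0.10):
        self.threshold_usd = tvl_usd * max_fraction
        self.window_s = window_s
        self._events = deque()   # (timestamp, amount) inside the window
        self._outflow = 0.0      # running sum of amounts in the window
        self.paused = False

    def observe(self, w):
        """Feed one withdrawal; return True if the pool is (now) paused."""
        if self.paused:           # once tripped, stays down until a human resets
            return True
        cutoff = w.timestamp - self.window_s
        while self._events and self._events[0][0] < cutoff:   # evict stale events
            self._outflow -= self._events.popleft()[1]
        self._events.append((w.timestamp, w.amount_usd))
        self._outflow += w.amount_usd
        if self._outflow > self.threshold_usd:
            self.paused = True    # in a real deployment: call the pause guardian
        return self.paused


def first_trip(events, tvl_usd, window_s=600, max_fraction=0.10):
    """Return the index of the first event that trips the breaker, else None."""
    cb = OutflowCircuitBreaker(tvl_usd, window_s, max_fraction)
    for i, w in enumerate(events):
        if cb.observe(w):
            return i
    return None


SAMPLE_EVENTS = [  # constructed sample stream against a $50M pool, not chain data
    Withdrawal(0, 200_000),
    Withdrawal(300, 150_000),
    Withdrawal(3_600, 400_000),
    Withdrawal(7_200, 1_000_000),   # new 10-minute window: 1.0M = 2% of TVL
    Withdrawal(7_260, 2_500_000),   # 3.5M in window = 7%
    Withdrawal(7_320, 2_000_000),   # 5.5M in window = 11% -> trips here
    Withdrawal(7_330, 4_000_000),   # blocked: pool already paused
]
```

The three routine withdrawals early in the stream never come close to the limit; the burst at 7,200 to 7,320 seconds does, and the breaker fires one event before the largest withdrawal in the sample would have gone through.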
Concerns are not the endgame
Aráoz's concerns are real, but they describe an old paradigm that is collapsing, rather than the end of DeFi.
What is the old paradigm? It is the security assumption of "code is law": once a contract is audited and passes code review, it is forever secure. This assumption had many loopholes even before AI emerged; now it is just being breached more quickly.
What is the new paradigm? Project Glasswing provides a prototype: security is not a one-time event but a continuously operating capability. Defenders do not need "better human audits" but "defensive AIs that can match attackers' AIs."
Interestingly, Anthropic itself admits: among the vulnerabilities discovered by Glasswing, the current fix rate is less than 1%. More than 23,000 vulnerabilities have been found, but the progress of patches far lags behind the speed of discoveries. This indicates that the challenge remains enormous—but it also shows how substantial the market space is for the security infrastructure capable of achieving this.
In conclusion
Every technological leap disrupts the existing balance between attack and defense. In the early days of the internet, some said "the network is never secure," but the security systems eventually kept up—because the motivation for defense was strong enough. DeFi locks up hundreds of billions of dollars in assets, and this motivation will only grow stronger.
The security issues of DeFi are not a "technically unsolvable deadlock," but rather "the old defensive tools cannot keep up with the new offensive tools." The emergence of Claude Mythos proves that AI has already surpassed humans in the matter of vulnerability discovery. The key question is only one: who will be the first to put this weapon in the hands of the defenders?
Glasswing answered this question, at least in the field of traditional internet infrastructure. The DeFi version is still awaited: it waits for protocol developers, security agencies, DAO communities, and Web3-native security teams to operationalize the same logic on-chain.
Those who withdrew from DeFi in the panic of April are not necessarily wrong. But those who stay and reconstruct the defensive system are defining what the next era of DeFi looks like.
*This content is for reference only and does not constitute any investment advice. Market risks are present; invest cautiously.