Hackers armed with AI stoke fears for $130 billion crypto sector
Published in Science & Technology News
The crypto hacks came a little over two weeks apart in April, netting the attackers almost $600 million in total while triggering an investor exodus from one major platform and causing another to fail.
But for all the damage the two exploits wrought, what most alarmed cybersecurity experts was how the hackers pulled them off. The attackers — widely believed to be North Korea-linked groups — appear to have used artificial intelligence to select targets and design exploits, according to blockchain forensics firm TRM Labs.
The heists displayed such a leap in sophistication that it’s highly likely the hackers worked with the help of AI, said TRM investigator Nick Carlsen, who specializes in North Korean crypto crime.
AI in criminal hands would mark a sharp escalation of the threat facing crypto, which has lost billions of dollars to hacks over the past few years. The industry is uniquely exposed to digital theft because of the nature of the blockchain infrastructure it operates on.
Investors yanked some $9 billion in two days from a lending protocol used to launder proceeds from one of the April hacks, showing how quickly confidence can vanish even when the platform itself isn’t the target.
“There is no room for error in security” now, said Nicholas Smart, chief intelligence officer at blockchain investigations firm Crystal Intelligence.
Hanging over it all is Mythos, the AI model Anthropic PBC has withheld from wide release over its cybersecurity risks. While there’s no evidence the hackers had access to it, researchers say it’s only a matter of time before criminals obtain more powerful AI tools. And Anthropic’s own research shows that even existing agents are highly capable of exploits.
One worry is that AI could lower the barriers to entry for would-be crypto thieves. “Before AI, there may have been a limited number of elite hackers,” said Niv Yehezkel, head of Security Products Engineering at Chainalysis. “Now, almost anyone is just a subscription away from operating like an elite hacker.”
Decentralized finance, a $130 billion corner of the industry where investors trade, borrow and lend cryptocurrencies over automated protocols, has become particularly vulnerable. The number of DeFi exploits soared to a record in April, almost doubling from the previous month. That’s prompted a rush among projects to strengthen their defenses against the onslaught.
While most of the exploits were small, the jump shows how cybercriminals are getting better at scanning software for weaknesses and quickly designing exploits — in all likelihood, experts say, with the help of widely available AI models.
Determining whether hackers are using AI isn’t an exact science, according to over half a dozen cybersecurity researchers interviewed for this article. Rather, investigators draw conclusions based on the sophistication of an attack, the methods used, and the perceived difficulty of identifying the target. The abrupt rise in heists is in itself a clear indicator that hackers are deploying AI, they said.
“With AI, the cost of vulnerability detection is trending to zero,” said Aneirin Flynn, chief executive officer of security audit firm Failsafe. The time it takes for hackers to identify a weakness in a blockchain protocol has been compressed from months to days or even hours using AI, he said.
The cybersecurity threat from AI isn’t unique to crypto. In November, Anthropic said attackers manipulated its Claude model in an attempt to infiltrate roughly 30 entities including big technology companies, financial institutions and government agencies and “succeeded in a small number of cases.” It didn’t name the targets.
When Anthropic executives discovered that Mythos was far more capable of cyberattacks than earlier models, they chose to initially limit its release to a handful of global tech giants so that they could test it against their own products. Major banks have also started testing Mythos.
Patchwork of code
DeFi, however, appears especially at risk. Unlike in traditional finance, oversight remains fragmented. Banking watchdogs routinely stress-test large lenders’ cyber defenses to ensure resilience. Banks can block suspicious transfers; transactions over blockchains can’t be reversed, and hackers have myriad ways of moving stolen funds out of reach.
DeFi — which has become popular among crypto investors seeking yield — is essentially a network of interoperable, blockchain-based protocols that employ self-executing code known as smart contracts to let users move and deploy cryptoassets without relying on centralized intermediaries. Resources for investing in cybersecurity vary significantly between projects.
That leaves hackers with a wide array of potential targets to strike. It also means the aftershock of a heist can ripple through the ecosystem, leaving other companies exposed too.
Taken together, the two big hacks in April illustrated both dangers. The first targeted a derivatives exchange called Drift Protocol and drained over $280 million. In a postmortem published days after the attack, Drift said the hackers spent months building a relationship with its contributors, masquerading as a quantitative trading firm. They then tricked employees into authorizing malicious transactions.
Other aspects of the heist were equally ambitious. The hackers manufactured a fictitious token and created an inflated trading record to trick Drift’s protocols into treating it as legitimate collateral.
Drift was forced to shut down and plans to relaunch itself after receiving an infusion of stablecoins from Tether. Another DeFi project called Carrot, which had exposure to the Drift platform, announced April 30 that it was shuttering because of the incident.
The second one struck Kelp DAO, where the hackers targeted a software protocol known as a “bridge” that helps connect different blockchains. Some aspects of the heist — which netted almost $300 million — aren’t fully understood, but the aftermath was much more damaging because of how the hackers laundered the proceeds.
In a novel approach, they used most of the loot as collateral for borrowing on Aave, the biggest DeFi lending protocol. That, in turn, sparked fears of worthless collateral on Aave and a rush for the exit among depositors that spread to other platforms with no links to the hack. Aave ended up needing a rescue.
The Drift and Kelp DAO hacks differed in several ways; for instance, the former seemed to rely more heavily on social engineering, where hackers trick humans into giving them access to private systems. But their ingenuity went far beyond previous attacks, experts said, leading some to suspect the hackers relied on AI to help with elements like planning and design.
“I highly suspect that North Koreans used AI to engineer both” hacks, said Nick Carlsen, a former FBI analyst who is now an investigator at TRM Labs. “This is all stuff North Korea never used to do.”
There have been some attempts to test existing AI agents’ skills in detecting blockchain vulnerabilities and designing hacks. In December, Anthropic published research that showed more than half of blockchain exploits carried out in 2025, “presumably by skilled human attackers,” could have been done autonomously using AI.
What Anthropic called “potential exploit revenue” had been doubling every 1.3 months and the cost of a hack had fallen precipitously, the researchers found. “Profitable autonomous exploitation can happen today,” they wrote.
Anthropic declined to comment on whether it has repeated the experiment using Mythos.
Another test was carried out by two engineers at a16z, the biggest crypto venture capital firm. The results were mixed: An AI trained by analyzing past DeFi hacks “always found the vulnerability” in a given protocol, but wasn’t able to fully design a profitable exploit, Daejun Park and Matt Gleason wrote in an April 28 blog post.
They noted that the experiment was done before Anthropic unveiled Mythos, and said they plan to test the model “once we get access.”
Building defenses
Inside crypto, the urgency to confront hacking is mounting. Failsafe CEO Flynn said several clients are installing software that continuously scans multiple devices connected to a network, from laptops to mobile phones, and is capable of detecting suspicious patterns and alerting managers to potential threats.
Yuan Han Li, a partner at crypto VC firm Blockchain Capital, has called for increased use of circuit breakers that would pause or limit transactions beyond a certain threshold — essentially buying more time to respond to an exploit. One trading venue called Jupiter has a similar solution in place which it is rolling out more widely, according to co-founder Siong Ong.
Aave is expanding its risk framework for collateral to include cybersecurity factors, Linda Jeng, the lending platform’s chief legal and policy officer, said last week.
Any effort to thwart North Korea-affiliated hackers armed with AI is ultimately doomed to fail, according to TRM’s Carlsen. As he sees it, the only solution is to turn the tables on cybercriminals and deploy their own methods to take stolen crypto back.
“You don’t win this kind of campaign playing defense” against attackers, he said. “They need to be hacked.”
(With assistance from Monique Mulima.)
©2026 Bloomberg L.P. Visit bloomberg.com. Distributed by Tribune Content Agency, LLC.






