New synthetic intelligence (AI) fashions have shifted the cybersecurity enjoying subject in favor of attackers, inflicting a “vulnerability apocalypse” that led to the resurgence in decentralized finance (DeFi) hacks, based on Mitchell Amador, the CEO of bug bounty platform Immunefi.
The proliferation of latest AI fashions, reminiscent of Claude Opus 4.8 and ChatGPT 5.5, is the primary motive that led to the resurgence in crypto hacks in 2026, Amador instructed Cointelegraph on the current WAIB Summit in Monaco.
Hacking exercise throughout the business surged in April 2026, with illicit actors stealing greater than $634 million from cryptocurrency platforms, the best month-to-month complete because the Bybit hack helped drive losses to roughly $1.4 billion in February 2025, based on DefiLlama knowledge.
Whole crypto hacks by month-to-month sum, all-time chart. Supply: DefiLlama
Crypto must survive the subsequent three to 4 years
The following three to 4 years can be a vital survival interval for the crypto business, till cybersecurity groups harness the defensive capabilities of those identical AI fashions to construct “impregnable” codebases that attackers gained’t be capable of breach, stated Amador.
This timeline might shrink to lower than two years if the business adopted extra “crowdsourced safety options” till cybersecurity researchers flip these AI fashions to their benefit, he added.
Amador’s feedback adopted the discharge of Anthropic’s newest Claude Mythos mannequin, Fable 5, which sparked business considerations over its potential skill to speed up cryptocurrency exploits.
Anthropic stated on Tuesday that Fable 5 has safeguards that reroute matters reminiscent of cybersecurity to a distinct mannequin, Claude Opus 4.8.
Associated: Restoration hopes fade as Kelp DAO hacker launders practically all $220M in stolen funds
The business has develop into more and more delicate to safety dangers after a string of main DeFi exploits renewed considerations about protocol vulnerabilities.
On April 19, an attacker drained about 116,500 restaked Ether (rsETH), price roughly $290 million to $293 million on the time, from Kelp DAO’s LayerZero-powered rsETH bridge.
LayerZero stated Kelp DAO’s 1/1 decentralized verifier community (DVN) setup created a single level of failure by counting on a single verifier path for cross-chain messages. LayerZero stated it had beforehand suggested towards that configuration.
Journal: The authorized battle over who can declare DeFi’s stolen hundreds of thousands
