TL;DR:
- AI models like GPT-5 and Sonnet 4.5 can autonomously exploit DeFi contracts, simulating $4.6M in potential hacks.
- Two zero-day flaws were discovered in untouched contracts, showing technical and economic feasibility.
- Autonomous exploitation threatens DeFi and broader software, highlighting urgent need for enhanced defenses.
Artificial intelligence is advancing rapidly in the cryptocurrency sector, with new research indicating that AI agents can now autonomously identify and exploit vulnerabilities in decentralized finance (DeFi) protocols. AI models like GPT-5 and Sonnet 4.5 have demonstrated the ability to generate fully executable exploit scripts, highlighting a growing threat as automated attacks become technically and economically feasible.
Frontier AI Models Simulate Real DeFi Exploits
In a joint study conducted by the ML Alignment & Theory Scholars Program (MATS) and the Anthropic Fellows program, frontier AI models were tested against SCONE-bench, a dataset containing 405 contracts previously exploited. These models collectively simulated $4.6 million in potential exploits, reproducing attack sequences that closely mirrored real-world Ethereum and BNB Chain hacks. The research shows that AI agents can not only detect bugs but also synthesize scripts to sequence transactions and drain liquidity autonomously.
Testing went further, with GPT-5 and Sonnet 4.5 scanning 2,849 recently deployed BNB Chain contracts with no known exploits. Both models discovered two zero-day vulnerabilities with a simulated profit of $3,694. One flaw allowed token balances to be inflated, while another redirected fee withdrawals, proving that AI-driven autonomous attacks are viable even on untouched contracts.
The study emphasizes economic feasibility: running the agents cost just $3,476 in total, with an average of $1.22 per contract. As AI models become cheaper and more capable, automated exploitation is likely to expand rapidly, reducing the time between contract deployment and potential attacks.
Although the focus is DeFi, researchers warn that the implications extend to broader software and infrastructure. Techniques enabling token manipulation or fee redirection can translate to conventional software and crypto infrastructure, suggesting that AI-driven vulnerabilities may soon affect a wide array of systems.
The research serves as both a warning and a wake-up call. Autonomous exploitation that once required expert hackers is now achievable with AI agents. The key challenge for crypto developers is accelerating defensive measures to mitigate risks before automated attacks become commonplace across DeFi and beyond.
