Crypto Exchanges Face New AI Cybersecurity Risk as Anthropic's Mythos Exposes Software Flaws

Anthropic's Mythos isn't threatening bitcoin. The real AI risk is at crypto exchanges

There's a saying in crypto: not your keys, not your coins. It's typically a warning that it's safer to keep your crypto in an offline wallet that's harder to attack than an online exchange where you don't have control over the keys to the wallet housing the funds. So far, however, the complexity of learning how to self-secure and custody crypto has been prohibitive to many prospective crypto investors, which has allowed exchanges like Coinbase and Gemini Space Station - two of the earliest in the game - to thrive. But with money now being more digital than ever and AI getting stronger, that narrative may be flipping. AI like Anthropic's Mythos, which is built to find software vulnerabilities at extreme speed with unprecedented accuracy, could help usher a new wave of attacks on companies built on and around crypto - an industry already working to overcome a years-long reputation of hacks, scams, and exploits. Some investors in crypto - whose universe of investable assets has quickly grown beyond coins to include ETFs and equities covering various crypto themes - can take comfort in the fact that the Bitcoin blockchain itself has never itself been hacked and has operated securely and without interruption since 2009. The threat of Mythos-like AI probably won't change that. "Bitcoin is fundamentally secured by cryptography and a set of shared rules," said Yan Pritzker, chief technology officer at Swan Bitcoin. "The cryptography itself isn't affected by AI, and the shared rules are enforced by a network of people running Bitcoin nodes all over the world. So while AI can influence how those people think in some way, it really is very difficult to modify the rules of the network without really full consensus from the network." Exchanges like Coinbase, Robinhood, Gemini or Bullish, on the other hand, are perhaps the most at-risk areas due to the large amounts of personal identifiable information and money they handle. "Any other system that deals with money in a real-time basis is going to be a place that we try to look for cyber security holes," said Cosmo Jiang, general partner at Pantera Capital. "While the threat factor exists for everyone, it's most likely that financial services companies or exchanges are going to be the ones that are targeted first." Owen Lau, an analyst at Clear Street, said to consider the reputational risk AI agents pose to crypto exchanges when assessing downside risk. Specifically, he said, they can generate large volumes of scam emails and create synthetic identites, building detailed profiles that pull information from the exchanges or other retail platforms. While AI can create new kinds of threats, the biggest exchanges argue it also presents an opportunity for them to improve security for their users. Coinbase and Binance both said they're keen to invest in and use AI to make their platforms more secure. "Mythos, and future models like it, will enable even deeper testing of software and systems at scale," Philip Martin, chief security officer at Coinbase, said in a statement shared with CNBC. "This will accelerate digital threats as well as digital defense." He also said that although Mythos "is a highly restricted model not available to the public, Coinbase is in close communication with Anthropic." Similarly, Binance's chief security officer Jimmy Su said the company is evaluating "how advances in AI can create new opportunities to strengthen cybersecurity while also introducing new risks. As part of that work, we are experimenting with AI to help us identify vulnerabilities faster and more broadly across our systems." Lau said the threat of a Mythos-like AI isn't yet clear or specific enough to make him reconsider his bullish ratings or his price targets, and he cautioned against letting short-term fear and uncertainty drive investors away from the sector. "Near term, it will become a negative narrative for these kinds of companies," he said of crypto exchanges. "But longer term, I would see them as one of the first batches that comes out and can protect against these AI agents."

The Crypto Bros Want to Get Their Hands on Anthropic's 'Super Dangerous' Model

The crypto bros might be able to cut the line to get into any club in Miami, but they're stuck trying to bribe the bouncer at Club Mythos. Anthropic's new model, Claude Mythos, is currently only available in a limited capacity due to concerns that it may be a little too capable of exploiting cybersecurity vulnerabilities. Anthropic has given access to only a select few partners, and the cryptocurrency community would really like to get on the list. According to the Information, a number of crypto exchanges, including Coinbase, have been communicating with Anthropic in hopes of getting their hands on Mythos. The exchange isn't alone in hoping that it can tap AI tools to help bolster security. Binance also reportedly has been using AI models (including Claude Opus) to test its systems and try to poke holes in potential vulnerabilities before a bad actor does. Crypto custodian firm Fireblocks told The Information it also uses Anthropic's publicly available model for pentesting, and claims that the model has spotted issues that human testers missed. But to date, it seems none of the crypto companies have managed to get the Mythos treatment. Anthropic has said the platform is capable of spotting cybersecurity issues that evade the eyes of “all but the most skilled humans," and claimed to have used the model to spot security flaws that have been hiding in legacy systems for nearly three decades without detection (though, for what it's worth, some researchers were able to replicate the flaw detection with less powerful models). The crypto space has a very obvious reason for wanting to get in on Mythos' offerings: they sit on billions of dollars worth of digital assets and are surprisingly vulnerable to attack. Coinbase has been hit with several high-profile cybersecurity incidents over the years, including one last year that reportedly exposed sensitive customer data. Anthropic is currently holding back Mythos because it believes the model could be used to exploit major security vulnerabilities in platforms and online infrastructure at scale. Crypto is a pretty logical target for anyone who wants to use an AI model for malicious means. If the crypto bros keep getting bounced by Anthropic, maybe they can pull up to Club OpenAI. Per Bloomberg, the company is doing its own limited release of a new cybersecurity tool, which it definitely did not hastily announce to avoid getting left behind by its rival's hype train. Odds are the cover charge is much cheaper over there.

Crypto exchanges brace for AI that can exploit software flaws By Investing.com

Investing.com -- Major cryptocurrency exchanges and custodians, including Coinbase (NASDAQ:COIN) and Binance, are preparing their systems for powerful artificial intelligence models that could find and exploit software vulnerabilities, according to a report from The Information. Anthropic's Mythos model, described by the AI firm as potentially dangerous in its ability to identify security weaknesses, has prompted crypto platforms to accelerate their defensive measures. Coinbase Chief Security Officer Philip Martin said the exchange has been in close communication with Anthropic about Mythos, which he described as a highly restricted model not available to the public. Martin said Mythos and future models like it will enable deeper testing of software and systems at scale, which will accelerate both digital threats and digital defense. Anthropic has provided early access to Mythos for testing to some companies, including large banks, but has not included major crypto firms in this group. This article was generated with the support of AI and reviewed by an editor. For more information see our T&C.