CoinDesk
Anthropic's Mythos, an AI system designed to autonomously discover vulnerabilities in code, was briefly released earlier this month before being pulled from the U.S. market — but researchers say the cost disruption it signals will outlast its availability. Alexander Urbelis, CISO at ENS Labs, told industry press that the technology "pushes the price of a basic audit toward zero," turning weeks of work into minutes and putting professional-grade reviews within reach of projects that previously could not afford them.
Why it matters
The shift is less about finding bugs faster than about changing the legal and operational baseline. Urbelis argued that "a clean AI report will be seen as no defense" in court — if cheap, sophisticated tooling exists, plaintiffs will argue a team should have used it, regardless of whether a third-party auditor was hired. That framing turns a previously optional due-diligence step into a foreseeable expectation for both developers and the institutions funding them.
David Schwed, COO of blockchain security firm SVRN, framed the change as even deeper: "These models now operate the way a human attacker does. They iterate, they take the next step based on what they're seeing in real time." Where older fuzzers ran deterministic checks, systems like Mythos infer what code was meant to do and compare that to what it actually does — a meaningful upgrade in a market where smart contract code is public and bug bounties can run into the tens of millions.
Market impact
The bigger commercial read, both researchers said, is continuous monitoring replacing point-in-time audits. Schwed called it "continuous auditing with suggested remediations at a fraction of the cost, instead of a point-in-time review you can only afford once" — a pricing curve that pressures traditional audit firms and pushes the industry's baseline expectation upward.
The caveat is that AI catches code flaws, not the failures that have caused crypto's largest losses. Urbelis pointed to the recent Drift compromise as a months-long social engineering campaign, not a code bug.
Frequently asked questions
-
What is Mythos and what did it actually do?
Mythos is an Anthropic-built AI system designed to autonomously discover vulnerabilities in code. It was briefly released earlier this month before being pulled from the U.S. market, but researchers say its release signals a structural shift in audit economics regardless of availability.
-
How much could AI-powered audits cost compared to traditional ones?
Alexander Urbelis, CISO at ENS Labs, said the technology "pushes the price of a basic audit toward zero," compressing weeks of work into minutes and putting professional-grade reviews within reach of projects that previously could not afford them.
-
Could AI audits become a legal standard of care in crypto?
Urbelis argued that "a clean AI report will be seen as no defense" — if cheap, sophisticated tooling exists, plaintiffs will argue a team should have used it regardless of whether a traditional auditor was hired, potentially shifting the baseline for developer and institutional due diligence.
-
What kinds of crypto hacks can AI security tools actually prevent?
AI tools are positioned to catch code-level flaws faster, but researchers said the largest crypto losses — including the recent Drift compromise, Ronin, and Bybit — came from social engineering, compromised keys, and manipulated signing, not smart contract bugs. "No code scanner stops an authorized signer," said David…
-
Will continuous AI monitoring replace traditional point-in-time audits?
David Schwed described the shift as "continuous auditing with suggested remediations at a fraction of the cost, instead of a point-in-time review you can only afford once" — a pricing curve he expects to pressure traditional audit firms and raise the industry's baseline security expectations.
CryptoSlate
WuBlockchain
Crypto News
WatcherGuru
CoinTelegraph
TheBlock