A recent study led by Anthropic’s red team, in collaboration with the Machine Learning Alignment & Theory Scholars (MATS) program, found that modern commercial artificial intelligence (AI) systems can autonomously locate and exploit vulnerabilities in smart contracts.
These systems produce simulated exploit gains reaching $4.6 million on contracts published after their training data cutoff.
The team developed an environment called SCONE-bench that included 405 smart contracts previously attacked between 2020 and 2025.
Did you know?
Subscribe – We publish new crypto explainer videos every week!
Best Types of Blockchains Revealed (5 Animated Rules)
When 10 major AI models were tested, they created working exploits for 207 contracts, which simulated a total of $550.1 million in compromised value.
For contracts that were exploited after the models had no further data, the best-performing AI systems, such as Claude Opus 4.5, Claude Sonnet 4.5, and GPT-5, compromised 19 of 34 contracts, which resulted in simulated theft of $4.6 million.
The results also indicated improved AI model efficiency. Over the past year, the computational token cost per successful exploit with the Claude architecture declined by nearly 70.2%.
Attackers using these models can generate about 3.4 times as many successful attacks within the same budget as was possible six months earlier.
To see if AI tools can identify completely new issues, Sonnet 4.5 and GPT-5 analyzed 2,849 recent smart contracts with no previously reported bugs.
Two new unknown vulnerabilities were found, and exploit strategies gave a simulated gain of $3,694. GPT-5’s API usage on this test cost $3,476.
All trials were conducted in isolated, simulated blockchain environments, which prevented harm to actual funds.
An investigation by AhnLab has shown that the Lazarus Group, based in North Korea, relied on spear-phishing throughout the past year to steal digital assets. What did AhnLab say? Read the full story.
