Crypto Faces 'Vulnerability Apocalypse' Driven by Advanced AI: Immunefi Chief
Mitchell Amador, CEO of Immunefi, identifies the emergence of cutting-edge AI models as the primary driver fueling the recent wave of DeFi security breaches.
The emergence of cutting-edge artificial intelligence (AI) technology has tilted the cybersecurity landscape in favor of malicious actors, triggering a "vulnerability apocalypse" that has driven the renewed wave of decentralized finance (DeFi) security breaches, according to Mitchell Amador, who leads bug bounty platform Immunefi as its CEO.
The rapid expansion of advanced AI models, including Claude Opus 4.8 and ChatGPT 5.5, stands as the primary factor behind the resurgence of cryptocurrency hacks witnessed in 2026, Amador explained to Cointelegraph during the recent WAIB Summit held in Monaco.
The cryptocurrency sector experienced a dramatic spike in hacking incidents during April 2026, with malicious actors successfully stealing over $634 million from various cryptocurrency platforms, marking the highest monthly figure since the Bybit breach contributed to approximately $1.4 billion in losses during February 2025, based on data compiled by DefiLlama.
Crypto needs to survive the next three to four years
The cryptocurrency industry faces a critical survival window spanning the next three to four years, lasting until cybersecurity teams successfully leverage the defensive potential of these identical AI models to construct "impregnable" codebases that malicious actors will be unable to compromise, Amador stated.
This critical timeframe could be compressed to under two years provided the industry embraces more "crowdsourced security solutions" while waiting for cybersecurity researchers to weaponize these AI models for defensive purposes, he further noted.
Amador's statements came on the heels of Anthropic's unveiling of its newest Claude Mythos model, Fable 5, which generated widespread industry alarm regarding its potential capacity to expedite cryptocurrency exploits.
Anthropic announced on Tuesday that Fable 5 incorporates protective measures that redirect subjects such as cybersecurity to an alternative model, Claude Opus 4.8.
The cryptocurrency sector has grown increasingly vigilant regarding security threats following a series of significant DeFi exploits that have reignited worries about protocol weaknesses.
On April 19, a malicious actor successfully drained approximately 116,500 restaked Ether (rsETH), valued at roughly $290 million to $293 million at the time, from Kelp DAO's LayerZero-powered rsETH bridge.
LayerZero indicated that Kelp DAO's 1/1 decentralized verifier network (DVN) setup established a single point of failure through its reliance on a single verifier path for cross-chain messages. LayerZero noted it had previously recommended against that particular configuration.