Anthropic's new artificial intelligence (AI) model 'Mythos' is changing the security paradigm in the cryptocurrency industry. Security is expanding from a smart contract focus to cover infrastructure across the board.
On April 25, blockchain media outlet CoinDesk reported that Mythos is drawing attention for going beyond detecting known vulnerabilities. It does so by linking small weaknesses across multiple systems to form real attack paths.
DeFi security has so far focused on smart contract code audits, because the vulnerability types had been catalogued over time and the major attack methods were relatively well understood. Since the emergence of Mythos, inspection is rapidly expanding to key management systems, signing services, bridges, oracle networks and cryptography layers.
The security industry is particularly pointing to infrastructure risk as a core threat. Paul Bizinder, head of security at Gauntlet, assessed that AI-based attacks are more likely to target humans and infrastructure layers than smart contracts. He said connection points that were outside the scope of traditional audits are emerging as actual attack vectors.
A real-world case has already occurred. Web infrastructure company Vercel recently suffered a security breach, raising the possibility that customer API keys were exposed. The company said the intrusion occurred after a Google Workspace connection was compromised through Context.ai, a third-party AI tool used by an employee. Several cryptocurrency projects then moved to replace credentials and inspect code. The case is seen as showing that risk can spread through operational infrastructure rather than through smart contracts themselves.
The structure of DeFi itself is also cited as a factor that increases risk. Protocols share liquidity, rely on the same oracles and are linked through various integration layers. This connectivity has been the foundation for growth, but it also creates pathways for a single vulnerability to spread across the entire ecosystem. In a recent Hyperbridge attack, a flaw in cross-chain message validation was exploited, and tokens were minted on a large scale on Ethereum (ETH).
The industry sees AI as revealing new attack patterns. It can identify in advance multi-stage attack chains that previously were confirmed only after funds had been drained, and it can detect infrastructure vulnerabilities that existing audits missed.
Some, however, interpret this less as a new threat than as an acceleration of the existing environment. Stani Kulechov, founder of Aave Labs, said the web3 environment was already exposed to attackers with resources and motivation, and that AI is closer to an evolution of attack tools.
Even so, the way AI widens the scope of vulnerability discovery is cited as a burden. Defects once ignored as low priority are being rediscovered, increasing the chance that small weaknesses can lead to large-scale attacks.
Security practices are therefore changing as well. The trend is away from a structure split between pre-launch audits and post-launch monitoring, and toward AI-centric continuous response, including continuous audits, real-time simulation and assume-breach design.
Aave is deploying AI for simulation and code reviews alongside human audits. Uniswap Labs CEO Hayden Adams is also focusing on the possibility that AI could become a stress-testing tool for strengthening security.
Ultimately, the core of the change the industry faces goes beyond removing vulnerabilities. As AI enables faster discovery and combination of weaknesses, security is shifting from one-off checks to an operational model that adapts continuously. As a result, the gap between projects, based on their security capabilities, is also expected to widen further.