Anthropic's Claude Mythos raises crypto exploit risk, VCs warn
In brief
- Anthropic released Fable 5, the first public Claude Mythos model, with safeguards rerouting cybersecurity queries to Claude Opus 4.8
- VC Simon Dedic warned the model drops cost and skill needed to find crypto exploits to nearly zero
- Unaudited protocols face heightened risk as known exploits replay on forks continuously, Dedic cautioned
- Curve Finance co-founder Michael Egorov countered the threat is likely overblown given smart contracts have fewer lines of code
The Model and Its Safeguards
Fable 5 has safeguards that reroute some topics, such as cybersecurity, to a different model, Claude Opus 4.8. The company also said a small group of cybersecurity and infrastructure providers would get access to Claude Mythos 5 with safeguards lifted in some areas. This tiered approach reflects Anthropic's effort to balance capability with risk.
The underlying Mythos model has proven potent at finding vulnerabilities. Anthropic said last month that its Mythos model uncovered more than 10,000 high or critical-severity vulnerabilities in systemically important software. In May, through Project Glasswing, Anthropic reported Claude Mythos found thousands of critical vulnerabilities in important software. The model discovered around 6,200 high or critical-severity vulnerabilities across more than 1,000 open-source projects it investigated.
Crypto's Vulnerability Dilemma
Venture capitalist Simon Dedic, founder of Moonrock Capital, flagged a direct threat to crypto protocols. He warned that the cost and skill needed to find crypto exploits has dropped to "basically zero". His concern isn't abstract. In April, the value of crypto stolen in hacks hit $629.7 million, the highest since February 2025.
Dedic's warning carries weight. Unaudited protocols will become sitting ducks. Known exploits will get replayed on forks around the clock. The implication is clear: projects without formal security audits face amplified risk in an environment where AI can now democratize exploit discovery.
A Counterpoint on Scale
Not everyone shares that alarm. Curve Finance co-founder Michael Egorov said that the threat Claude Mythos posed to crypto was likely overblown. His reasoning hinges on code complexity. The software Mythos found vulnerabilities in had millions of lines of code, while smart contracts have a few thousand. Egorov's point suggests that the gap between analyzing enterprise software and auditing DeFi contracts may offer some natural protection.
Still, the release of Fable 5 marks a turning point. Safeguards exist, but the underlying capability is now in the wild. How protocols respond—whether through audits, formal verification, or other hardening—will shape the sector's resilience in the months ahead.
