Mythos and the cyberhacking panic — what this means for crypto

(Image: via Currrency News)

In February 2025, hackers stole roughly $1.5 billion from the crypto exchange Bybit — the biggest crypto heist on record. The FBI later attributed the attack to North Korea. What made the theft so unnerving was not that someone “broke the blockchain”. They did not. The blockchain kept doing exactly what it was supposed to do. The weakness was elsewhere: in the software, workflows and human approval machinery wrapped around the assets. That is the uncomfortable lesson crypto keeps relearning. The chain may be solid. The ecosystem around it is often alarmingly soft.

Now imagine that people hunting for those weaknesses acquire a tireless AI partner who is a much better hacker than they are. They are about to get one.

When the news of the super-hacking capabilities of Anthropic’s Mythos exploded two weeks ago, it first spawned panic and then — at least in some sectors — a bit of eye-rolling. Mythos had, within a mere few weeks, identified thousands of zero-day vulnerabilities (previously unknown bugs) across major operating systems, browsers and other critical software, including security software. Critics countered that this sounded suspiciously like alarm-marketing and exaggerating the facts. Both camps may be right.

The truth is that even if the hype is ahead of the present, the future is likely to catch up with the scariest claims sooner than the sceptics expect, given the accelerating rate of autonomous and recursive AI development. There is little doubt ChatGPT and others (like China’s DeepSeek) will soon have the same hacking muscles.

The crypto industry is watching this nervously. And that is because the crypto ecosystem is an interconnected web of apps, exchanges, wallets, APIs, bridges, admin tools, cloud infrastructure, mobile clients and browser extensions built around the actual foundational blockchains. And much of that web (except the blockchain itself), is technically speaking, just normal good old software with all its potential pathologies.

Start with crypto exchanges. Their customer-facing systems are usually built with standard web languages and frameworks. Their back ends rely on familiar databases, authentication layers, cloud services and internal tooling. In other words, they are exposed to exactly the sort of software stack on which AI-powered bug hunting is likely to feast. If a model becomes extraordinarily good at finding logic flaws, injection points, authentication weaknesses, privilege escalations or dangerous misconfigurations, exchanges are obvious prey. The blockchain underneath may be robust; the software through which humans reach it often is not.

DeFi may be even more exposed. DeFi is powered by smart contracts which have always enjoyed an odd dual reputation: marketed as trustless and mathematically precise, while in practice being very human programs written by very fallible developers. There is already a thriving industry of auditors paid handsome sums to stop smart contracts from exploding. Automated AI bug-hunters are unlikely to make that profession disappear overnight but it is certain to quickly make the AI attackers much better at the same game.

This matters because crypto’s adversaries are already highly capable. Chainalysis, the largest crypto analytics firm, reports that more than $3.4 billion was stolen from crypto platforms in 2025, with DPRK-linked hackers alone taking just over $2 billion. North Korean operators have become especially adept not just at technical compromise but at patient infiltration: impersonating job candidates, embedding operatives as IT workers, targeting executives and developers, and then moving stolen funds through increasingly sophisticated laundering routes. Give North Korean actors like The Lazarus Group access to dramatically better vulnerability discovery through leaked AI models, derived tools or black-market services and you do not get a brand-new threat. You get the old threat massively amplified.

So does that mean that the underlying blockchains like Bitcoin, Ethereum and the other big chains are in trouble? Probably not. Here it is important to distinguish between the blockchain itself and the cluttered software suburbia built around it.

The core security model of a major blockchain is not the same thing as the security model of a web app or database system. Bitcoin’s design rests on distributed validation, consensus rules, cryptographic hashing and digital signatures. Ethereum likewise depends on decentralised clients implementing protocol rules and on cryptographic primitives that are not casually broken because a model got very good at source-code analysis. That is why the nightmare scenario most often cited against blockchains themselves is not “AI found a bug in the blockchain core code” but “quantum computing eventually breaks key cryptography”. But even there, as I have written previously, the industry is not asleep: Bitcoin and other blockchain developers and researchers are actively prototyping and implementing post-quantum paths.

But one should not drift from reassurance into blind faith. Blockchains and their clients are still software, and software has bugs. Bitcoin Core (the delevopers) who maintain the Bitcoin blockchain) maintains a formal security advisory process and has published multiple advisories over time; its website currently warns of a wallet migration bug in versions 30.0 and 30.1 that may delete wallet files and result in loss of funds. Geth, the major Ethereum execution client, logged a 2026 vulnerability in which a specially crafted message could force a node to crash. So the sensible argument is not that base-layer blockchains are invulnerable. It is that they are less directly vulnerable to the coming wave of AI bug discovery than the exchanges, wallets, smart contracts and middleware wrapped around them.

And that is where the real danger sits: in the soft tissue around the cryptographic skeleton. Private keys are stored somewhere. Wallet software has to run somewhere. Users sign transactions through interfaces. Exchanges maintain hot wallets and internal controls. Bridges connect one chain to another. Oracles feed in external data. Admins have privileges. Developers make mistakes. Recovery systems exist, or fail to. Every one of those layers is a plausible point of AI-assisted attack. The blockchain may remain mathematically elegant while the surrounding ecosystem burns.

That, ultimately, is the uncomfortable truth for crypto. The movement promised a world in which trust would be replaced by math. Instead, some of that trust was merely relocated — into applications, custodians, browser extensions, code libraries, cloud dashboards and the ancient problem of where to keep a secret. Until the industry finds something sturdier than today’s private-key sprawl — whether through better hardware, multi-party computation, biometrics, passkey-style abstractions, or some future identity layer that does not rely on users safeguarding magic strings of characters — crypto will remain an inviting target.

Mythos, and the models racing behind it, are not likely to crack Bitcoin’s or Ethereum’s spine. But they may become extraordinarily good at puncturing everything around it. That would be enough to hobble the entire industry.

Steven Boykey Sidley is a professor of practice at JBS, University of Johannesburg, a partner at Bridge Capital and a columnist-at-large at Daily Maverick, Currency News and Daily Friend. His new book, It’s Mine: How the Crypto Industry is Redefining Ownership, is published by Maverick451 in South Africa and Legend Times Group in the UK/EU, available now.

Originally published at https://stevenboykeysidley.substack.com.

Mythos and the cyberhacking panic — what this means for crypto was originally published in Coinmonks on Medium, where people are continuing the conversation by highlighting and responding to this story.