Security

AI Agents Autonomously Exploit Smart Contracts Discovering Zero-Days

Frontier AI models, including GPT-5 and Claude, now demonstrate human-level capability to autonomously discover and exploit zero-day smart contract vulnerabilities, accelerating the threat landscape.
December 3, 20253 min

The image displays a detailed, angled view of a futuristic electronic circuit board, featuring dark grey and silver components illuminated by vibrant blue glowing pathways and transparent conduits. Various integrated circuits, heat sinks, and connectors are visible, forming a complex computational structure
A gleaming crystalline lens, illuminated with vibrant blue light, is framed by a minimalist white torus and fine metallic filaments. This focal point is set against a backdrop of advanced technological components, including detailed circuit boards and sharp, crystalline blue structures, hinting at complex computational processes

Briefing

A new research disclosure confirms that frontier Artificial Intelligence models, specifically GPT-5 and Claude, can autonomously identify and exploit vulnerabilities in live smart contracts, fundamentally shifting the threat model for the DeFi ecosystem. The study, utilizing a benchmark of real-world exploits, showed AI agents recreating attacks worth $4.6 million in simulated stolen funds, confirming the economic viability of AI-driven cyberattacks. Crucially, the models also uncovered two novel zero-day vulnerabilities in recently deployed contracts, demonstrating a capability to proactively find and monetize unknown flaws.

A radiant blue digital core, enclosed within a clear sphere and embraced by a white ring, is positioned on a detailed, glowing circuit board. This imagery encapsulates the foundational elements of blockchain and the creation of digital assets

Context

The prevailing security posture has historically relied on human-led auditing and formal verification to secure deterministic smart contract logic. This new vector introduces an autonomous, low-cost threat where exploit capabilities are observed to double every 1.3 months, dramatically outpacing traditional human-centric defense cycles. The cost to run these AI-driven attacks has simultaneously dropped by 70% in six months, lowering the barrier to entry for sophisticated exploitation.

A brilliant, multi-faceted crystalline orb, radiating electric blue hues, is centrally placed within a sleek, white toroidal frame. This entire assembly rests upon a detailed, dark printed circuit board, replete with intricate pathways and electronic components

Analysis

The attack vector centers on the AI’s advanced control-flow reasoning and boundary analysis, enabling it to translate code-level flaws into profitable on-chain transactions. In one simulated case, the AI agent repeatedly called a mistakenly writable token calculator function to inflate its token balance and drain assets. Another vulnerability involved the AI exploiting a logic flaw to withdraw funds by submitting a fake beneficiary address, showcasing its ability to manipulate internal contract state and access controls. This ability to autonomously identify, test, and execute complex, multi-step exploits without human guidance marks a critical evolution in the threat landscape.

Intricate electronic circuitry fills the frame, showcasing a dark blue printed circuit board densely packed with metallic and dark-hued components. Vibrant blue and grey data cables weave across the board, connecting various modules and metallic interface plates secured by bolts

Parameters

  • Simulated Loss Value → $4.6 Million (Total simulated funds stolen by AI models from contracts exploited after March 2025)
  • Novel Vulnerabilities Found → Two (Zero-day flaws discovered by GPT-5 and Claude in contracts with no known issues)
  • Capability Doubling Rate → Every 1.3 Months (The rate at which AI exploit capabilities increased throughout 2025)
  • Cost Reduction → 70% (The drop in cost to run these AI-driven attacks over a six-month period)

A futuristic mechanical device, composed of metallic silver and blue components, is prominently featured, partially covered in a fine white frost or crystalline substance. The central blue element glows softly, indicating internal activity within the complex, modular structure

Outlook

The immediate imperative for all protocols is to integrate AI-powered defense mechanisms and accelerate the adoption of formal verification tools that can match the speed of autonomous exploit discovery. This research will establish a new baseline for security best practices, shifting focus from preventing known flaws to preemptively defending against AI-generated zero-day attacks. Protocols must also implement new internal controls that assume adversarial AI is actively probing their entire attack surface, leading to a necessary investment in proactive security research and red-teaming.

The autonomous capability of frontier AI to discover and exploit zero-day vulnerabilities is the single most significant threat multiplier to the smart contract ecosystem in the coming year.

autonomous exploitation, artificial intelligence threat, smart contract zero-day, frontier AI models, code vulnerability discovery, simulated financial loss, blockchain security research, AI-driven cyberattack, SCONE-bench benchmark, control-flow reasoning, autonomous threat actor, decentralized finance risk, automated exploit generation, vulnerability doubling rate, smart contract audit, on-chain forensic analysis, ethical hacking research, AI model capability, token calculator function, access control flaw Signal Acquired from → beincrypto.com

Micro Crypto News Feeds

zero-day vulnerabilities

Definition ∞ Zero-day vulnerabilities are newly discovered software flaws for which no patch or public fix exists.

formal verification

Definition ∞ Formal verification is a mathematical technique used to prove the correctness of software or hardware systems.

control-flow reasoning

Definition ∞ Control-flow reasoning involves analyzing the sequence of operations and execution paths within a program or smart contract.

funds

Definition ∞ Funds, in the context of digital assets, refer to pools of capital pooled together for investment in cryptocurrencies, tokens, or other digital ventures.

zero-day

Definition ∞ Zero-Day refers to a previously unknown vulnerability in software or hardware for which no patch or fix is currently available.

exploit

Definition ∞ An exploit refers to the malicious utilization of a security flaw or vulnerability within a protocol, smart contract, or application to gain unauthorized access, steal assets, or disrupt operations.

attacks

Definition ∞ 'Attacks' are malicious actions designed to disrupt or compromise digital systems.

security research

Definition ∞ Security Research in the digital asset domain involves the systematic investigation and analysis of potential vulnerabilities within blockchain protocols, smart contracts, and cryptographic systems.

Tags:

Tags: