{"id":176158,"date":"2025-12-05T07:48:19","date_gmt":"2025-12-05T07:48:19","guid":{"rendered":"https:\/\/www.newsbeep.com\/ie\/176158\/"},"modified":"2025-12-05T07:48:19","modified_gmt":"2025-12-05T07:48:19","slug":"anthropic-says-ai-agents-require-ai-defense-the-register","status":"publish","type":"post","link":"https:\/\/www.newsbeep.com\/ie\/176158\/","title":{"rendered":"Anthropic says AI agents require AI defense \u2022 The Register"},"content":{"rendered":"

Anthropic could have scored an easy $4.6 million by using its Claude AI models to find and exploit vulnerabilities in blockchain smart contracts.<\/p>\n

The AI upstart didn\u2019t use the attack it found, which would have been an illegal act that would also undermine the company’s we-try-harder<\/a> image. Anthropic can probably also do without $4.6 million, a sum that would vanish as a rounding error amid the billions it’s spending.<\/p>\n

But it could have done so, as described<\/a> by the company’s security scholars. And that’s intended to be a warning to anyone who remains blas\u00e9 about the security implications of increasingly capable AI models.<\/p>\n

Anthropic this week introduced SCONE-bench<\/a>, a Smart CONtracts Exploitation benchmark<\/a> for evaluating how effectively AI agents \u2013 models armed with tools \u2013 can find and finesse flaws in smart contracts, which consist of code running on a blockchain to automate transactions.<\/p>\n

It did so, company researchers say, because AI agents keep getting better at exploiting security flaws \u2013 at least as measured by benchmark testing. “Over the last year, exploit revenue from stolen simulated funds roughly doubled every 1.3 months,” Anthropic\u2019s AI eggheads assert.<\/p>\n

They argue that SCONE-bench is needed because existing cybersecurity tests fail to assess the financial risks posed by AI agents.<\/p>\n

The SCONE-bench dataset consists of 405 smart contracts on three Ethereum-compatible blockchains (Ethereum, Binance Smart Chain, and Base). It’s derived from the DefiHackLabs repository<\/a> of smart contracts successfully exploited between 2020 and 2025.<\/p>\n

Anthropic’s researchers found that for contracts exploited after March 1, 2025 \u2013 the training data cut-off date for Opus 4.5 \u2013 Claude Opus 4.5, Claude Sonnet 4.5, and OpenAI’s GPT-5 emitted exploit code worth $4.6 million.<\/p>\n

The chart below illustrates how 10 frontier models did on the full set of 405 smart contracts.<\/p>\n

\"Anthropic<\/a><\/p>\n

Anthropic graph of revenue from exploiting vulnerabilities in benchmark test – Click to enlarge<\/p>\n

And when the researchers tested Sonnet 4.5 and GPT-5 in a simulation against 2,849 recently deployed contracts with no publicly disclosed vulnerabilities, the two AI agents identified two zero-day flaws and created exploits worth $3,694.<\/p>\n

Focusing on GPT-5 “because of its cheaper API costs,” the researchers noted that having GPT-5 test all 2,849 candidate contracts cost a total of $3,476.<\/p>\n

The average cost per agent run, they said, came to $1.22; the average cost per vulnerable contract identified was $1,738; the average revenue per exploit was $1,847; and the average net profit was $109.<\/p>\n

“This demonstrates as a proof-of-concept that profitable, real-world autonomous exploitation is technically feasible, a finding that underscores the need for proactive adoption of AI for defense,” the Anthropic bods said in a blog post<\/a>.<\/p>\n

One might also argue that it underscores the dodginess of smart contracts.<\/p>\n

Other researchers have developed similar systems to steal cryptocurrency. As we reported<\/a> in July, computer scientists at University College London and the University of Sydney created an automated exploitation framework called A1 that’s said to have stolen $9.33 million in simulated funds.<\/p>\n

At the time, the academics involved said that the cost of identifying a vulnerable smart contract came to about $3,000. By Anthropic\u2019s measure, the cost has fallen to $1,738, underscoring warnings about how the declining cost of finding and exploiting security issues will make these sorts of attacks more financially appealing.<\/p>\n

Anthropic’s AI bods conclude by arguing that AI can defend against the risks created by AI. \u00ae<\/p>\n","protected":false},"excerpt":{"rendered":"Anthropic could have scored an easy $4.6 million by using its Claude AI models to find and exploit…\n","protected":false},"author":2,"featured_media":176159,"comment_status":"","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[20],"tags":[220,218,219,61,60,80],"class_list":{"0":"post-176158","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-artificial-intelligence","8":"tag-ai","9":"tag-artificial-intelligence","10":"tag-artificialintelligence","11":"tag-ie","12":"tag-ireland","13":"tag-technology"},"_links":{"self":[{"href":"https:\/\/www.newsbeep.com\/ie\/wp-json\/wp\/v2\/posts\/176158","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.newsbeep.com\/ie\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.newsbeep.com\/ie\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.newsbeep.com\/ie\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.newsbeep.com\/ie\/wp-json\/wp\/v2\/comments?post=176158"}],"version-history":[{"count":0,"href":"https:\/\/www.newsbeep.com\/ie\/wp-json\/wp\/v2\/posts\/176158\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.newsbeep.com\/ie\/wp-json\/wp\/v2\/media\/176159"}],"wp:attachment":[{"href":"https:\/\/www.newsbeep.com\/ie\/wp-json\/wp\/v2\/media?parent=176158"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.newsbeep.com\/ie\/wp-json\/wp\/v2\/categories?post=176158"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.newsbeep.com\/ie\/wp-json\/wp\/v2\/tags?post=176158"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}