They’re Using AI To ‘Break Crypto Security’

Añadido: 2026-05-05

[00:00:00]Hey, ChatGPT. Hack my crypto wallet.

[00:00:04]Okay, I'll get started right now.

[00:00:06]>> Crypto security isn't the same as it was 2 years ago. What used to take hackers months and millions of dollars to exploit vulnerabilities can now be done in minutes and for virtually no cost.

[00:00:16]>> Former Assistant Attorney General for National Security, uh John, it's great to have you here. What's your understanding of the issue here? How how real are the threats?

[00:00:25]This is a a real issue. I mean, if you think about it, cybersecurity has already been estimated as a multi-trillion-dollar problem. And that's because of crooks, nation-states, terrorists attacking our systems.

[00:00:37]>> So, in this video, I'm going to show you how AI is changing the way we need to think about crypto security and what I'm doing today to ensure my crypto is secure for the future, according to advice from security experts. Before AI was available to everyone, security was much simpler. A lot of the software on the market isn't even 100% secure.

[00:00:56]Secure just means that there are zero exploitable vulnerabilities. Basically, no attackers can get in. So, in theory, a perfect security score would be a 10 out of 10. But, the standard hasn't been to achieve a perfect security score. The exception has been to make attacks so difficult and so expensive they're not worth attempting, even if that means the system isn't technically 100% unhackable. That means some of the most well-defended security systems have been operating at a nine out of 10 or even worse.

[00:01:26]>> Last month, Iranian-linked hackers broke into FBI Director Kash Patel's personal email. They also hit Michigan-based medical manufacturer Stryker, stealing private data and crippling their business for weeks.

[00:01:38]>> So, the cost of finding the last flaws has always been the real defense mechanism in modern-day security. Well, AI virtually just eliminated that cost, and that's the problem. Attackers are doing are using the same tools that everyone else is using. They're using AI and automation to try to do more damage, to move faster, to create havoc, uh to steal.

[00:01:58]>> AI-powered tools can already analyze massive codebases in a matter of hours to find vulnerability patterns that used to take talented security researchers weeks to months. And these tools are only getting better. So, now we start to see the problem unfold. Any security system that has been running at a nine out of 10 or worse is at risk because AI has virtually eliminated the cost and resources that used to be required to exploit it. They go after vulnerabilities. Think of, you know, your house with an open door or an open window that remains unpatched or, because the technology is old, is unpatchable.

[00:02:34]>> Which means we have to redefine what secure looks like in an AI world because the old security model doesn't work anymore. And if we don't address this head-on, everything will eventually become insecure. According to the ITRC's 2025 Data Breach Report, the number of data compromises hit a new record of 3,322 breaches in 2025. That's a 79% increase over the past 5 years. And that is not a coincidence. That is a massive surge largely driven by cybercriminals utilizing AI in some way. A more recent example comes from a hacker who used Claude AI to breach multiple Mexican government agencies, exploiting 20 vulnerabilities and gaining access to 150 GB of sensitive data such as tax records for hundreds of millions of people. Before, this would have taken a coordinated team of security experts weeks to complete. This guy did it in 72 hours using nothing but an AI subscription that we all have access to.

[00:03:31]In other words, hackers now have the ability to attack way bigger targets that weren't worth it before AI. So, we're all essentially sitting on a digital landmine of potentially vulnerable software that could lead to digital warfare. Battered by US and Israeli strikes, Iran is hitting back.

[00:03:48]Not with missiles, but cyberattacks that know no borders.

[00:03:52]>> But, that's another topic for another conversation. My focus is looking at this from the perspective of crypto holders. How is AI changing the way that we need to look at crypto security?

[00:04:02]That's the question. Last year, Coinbase's CEO Brian Armstrong announced that more than 40% of the company's code is written by AI. And while that code is still manually reviewed by humans, the goal of using AI is to increase the speed of development. And this introduces the next major issue. We are entering an era of software abundance.

[00:04:22]So, now people like myself with virtually zero coding skills have the tools to create software, all for the price of a monthly ChatGPT subscription.

[00:04:32]Isn't that right, ChatGPT? Yes, that's right. The landscape has changed dramatically. But, remember, while generating functional code is easier, understanding architecture, maintaining security, and designing scalable systems still require diligence and deeper learning beyond just automation.

[00:04:49]But, it does open the door for more creators, which is both an opportunity and a challenge.

[00:04:55]Point proven. So, not only are attacks getting cheaper, but so is the cost to develop software. But, that software likely isn't secure because it's being pumped out by AI. And to create secure software, we still need engineers with the skills to do that. That means the bar for what counts as real security is being raised at record speeds. And what got us here today will not carry us into the future. In crypto especially, AI is being used on multiple levels to steal funds from individual investors like you and me and from companies worth billions of dollars who control customer funds.

[00:05:28]Scammers are already using AI-generated videos and voice cloning to create scams that target smaller investors by leveraging trusted faces in the space.

[00:05:36]They're also creating fake apps that look identical to the real apps many of us use. Recently, musician Garrett Dutton lost over $400,000 after downloading a fake Ledger Live app that was successfully published to the App Store. This app alone led to $9.5 million being stolen in just a matter of days before it was removed. But, that's a small attack. That's not even the tip of the iceberg of what we're talking about here. The main threat is the software that exists in and around the crypto space that has already been exploited and the new software that is currently being developed that is vulnerable to AI. Of the top 10 exploits used by criminal groups and others in 2025, two of them were vulnerabilities that already were more than 10 years old.

[00:06:22]>> Recently, researchers wanted to see if AI could hack crypto systems. So, they gave AI agents 405 smart contracts that were previously hacked between 2020 and 2025. The AI studied all the hacks and learned how the attacks worked. Then it was able to recreate those same attacks, showing it could steal millions of dollars if used in the real world. But, here's the scary part. They didn't stop there. They gave the AI brand new smart contracts that had no known problems, and the AI found new bugs that no one had discovered yet. Then it figured out how to exploit those bugs and make money from them. In total, the exploits that the AI agents discovered were worth $4.5 million for for the cost of $7,000 in AI credits. Again, we're just barely scratching the surface here, but basically, AI can be trained on past hacks to find new vulnerabilities and exploit them. This is one of the main threats that we're dealing with moving forward. So, what do we do? Well, according to experts like Ledger's Chief Technology Officer Charles, there are already several ways to build secure software in an AI world. It involves extremely complex things like ZK proofs, formal verification, and fully encrypted computing, but we'll leave all that to the developers because that's way above my pay grade. What we want to know is how to secure our digital assets. At the end of the day, AI can really only attack software. It can scan for bugs, it can trick users, and it can exploit entire systems. That's why moving forward, storing the keys used to access your crypto in software is an even greater risk. If any of those software wallets are vulnerable, it's only a matter of time until hackers utilize AI to exploit those vulnerabilities and go on a crypto wallet-draining rampage. And stuff like this is already happening. On Christmas Day last year, the Trust Wallet browser extension was hacked, and basically, anyone who opened their Trust Wallet on Christmas got their crypto drained. Merry Christmas. And the same applies if you keep your crypto on exchanges. Crypto exchanges are massive targets for hackers because if they're successful, then the reward is millions or maybe even billions of dollars.

[00:08:26]>> So, where do we see the threats from AI in the crypto space? It's really to centralized companies, companies that run security programs to secure their customers' assets.

[00:08:36]>> That's where the risk factor really increases. It is probably going to be the companies that have the most capital associated with them, right? These things like exchanges or or trading applications where customers are depositing funds and have a lot of funds on those platforms. They will more likely be the ones that are targeted.

[00:08:53]>> the largest crypto exchanges in the world, Bybit, was targeted by an extremely complex social engineering and supply chain attack back in 2025. This resulted in a $1.5 billion loss their CEO signed a transaction using third-party multi-sig software. So, sitting around hoping the software you use to manage your crypto doesn't get hacked is not an effective security strategy because it's already happening and it's only going to get worse.

[00:09:18]According to Charles, one of the only ways to secure your crypto today and looking ahead is to store your keys offline, away from artificial intelligence. Not in an app, not in a browser extension, and definitely not managed by a third-party website. Now, of course, the easiest way to do this is using a hardware wallet, which takes your keys and stores them offline any secure environment away from AI. So, even if your phone or computer is compromised, your hardware wallet and thus your crypto remains unaffected.

[00:09:48]But, from there, you can take it a step even further, and you should because if you don't, well, your hardware wallet could basically become useless. Because AI can also create malicious transactions, which once you sign these transactions using your wallet, they can completely drain your wallet. You need to separate how you're using your crypto wallets so that you're using them effectively. The way that I've been doing this is I have one main wallet that I use as my crypto savings account.

[00:10:12]So the only thing this wallet does is it holds my crypto. That means I'm not connecting it to websites like decentralized exchanges to trade. I'm not claiming airdrops with it. I'm simply sending crypto to it where it remains. And if I want to send it back to an exchange to sell it, I can also do that. But then I'll use a separate wallet for any of my riskier transactions like connecting with decentralized exchanges or claiming airdrops or providing liquidity to a liquidity pool.

[00:10:38]Those are all things you would never want to do with your main cold storage wallet because you always risk signing a malicious transaction approval that could lead to your wallet being drained.

[00:10:48]By doing this, you're eliminating the risk in your main savings account wallet and really spreading and isolating that risk into your own risky wallet where you don't have the majority of your crypto stored. But even with AI, especially with AI actually, the main threat remains user error. Hackers and scammers want you to make a mistake. So by combining good habits with secure hardware, not only are you protecting yourself from today's threats, but you're also protecting yourself from the future threats. Now the only problem is how do you choose the best hardware wallet for you? Well, I'll show you exactly what you should be looking for when choosing a hardware wallet in this next video. I'll see you over there. God bless.