Crypto platforms (and investors) have long suffered from hacker attacks and exploits. Now, artificial intelligence (AI) is making that threat even worse.
That’s the view of Charles Guillemet, chief technology officer at crypto wallet provider Ledger, who said the economics of cybersecurity are collapsing as artificial intelligence tools make it faster and cheaper to attack systems.
“Finding vulnerabilities and exploiting them becomes really easy,” Guillemet told CoinDesk in an interview. “The cost is going down to zero.”
His comments come as cryptocurrency thefts make headlines again. Just this week, the Solana-based decentralized finance protocol Drift was exploited, with attackers draining $285 million worth of digital assets. It is one of the most serious feats of the year so far. A week earlier, an attack on the Resolv performance protocol caused losses of $25 million.
In total, more than $1.4 billion in assets were stolen or lost in crypto attacks over the past year, according to data from DefiLlama.
From asymmetry to the arms race
Security has long depended on an imbalance: it should be harder and more expensive to hack a system than the potential reward.
But AI is eroding that advantage. Tasks that previously took months for skilled researchers, such as reverse engineering software or chaining exploits, can now be done in seconds with the right prompts.
For cryptocurrencies, where code often controls large funds, that change raises the stakes.
“You have to be perfect,” Guillemet warned the teams developing blockchain protocols.
The problem is exacerbated by AI-generated code. As more developers rely on AI tools, vulnerabilities could spread more quickly.
“There’s no ‘make it safe’ button,” he said. “We are going to produce a lot of code that will be insecure by design.”
Raising the bar for security
For cryptographic protocols, that means rethinking security from the ground up.
Guillemet pointed to formal verification (using mathematical proofs to validate code) as a more robust approach than traditional audits, which can miss errors.
Hardware-based security is another layer, he said. Devices like hardware wallets isolate private keys from Internet-connected systems, reducing exposure.
“When you have a dedicated device that is not exposed to the Internet, its design is more secure,” he said.
That approach is becoming more relevant as malware becomes more advanced. Guillemet described attacks that scan compromised phones for wallet seed phrases, allowing hackers to drain funds without user interaction.
For average cryptocurrency users, Guillemet’s message is blunt: assume that systems can and will fail.
“Most of the systems that are used cannot be trusted,” Guillemet said.
That could drive more users toward cold storage, greater operational security, and keeping sensitive data offline. Even then, the risks extend beyond the software, including physical attacks targeting cryptocurrency holders.
Guillemet expects a division in the future. Critical systems like wallets and protocols will invest heavily in security and adapt. But much of the broader software ecosystem may struggle to keep up.
“It’s really easier to hack everything,” he said.
