A new study from Anthropic, covering March 2025 to March 2026, found that AI is making advanced cyberattacks accessible to low-skill criminals — and the crypto industry is feeling the heat. The research, based on 832 banned accounts, shows the share of medium-to-high risk attackers jumped from 33% to 56% in a year. That's a 1.7-fold rise. And it comes as the crypto sector logged 40 major hacks this May, with losses linked directly to AI lowering technical barriers.
What the study found
Anthropic tracked accounts it banned for using AI in cyberattacks. The big takeaway: AI weakens the link between an attacker's skill level and the threat they pose. Unsophisticated hackers can now pull off tasks that once required serious expertise. Of the accounts analyzed, 67.3% used AI for malware development. A smaller slice — 6.5% — employed it for lateral movement inside compromised systems. That's the kind of deep intrusion that lets attackers pivot once they're in.
Shifting tactics
Not all AI use looks the same. The study found AI-assisted phishing actually dropped by 8.6% over the year. But AI-assisted account discovery within networks rose by 8.9%. That suggests attackers are integrating AI deeper into the attack lifecycle — moving from the initial lure to the harder part: finding valuable targets once inside. For crypto exchanges and projects, that shift means perimeter defenses aren't enough anymore.
The May hack tally
The crypto industry logged 40 major hacks this May, resulting in significant financial losses. The timing isn't great. The Anthropic study didn't name specific victims or amounts — but the parallel is hard to ignore. As AI tools get cheaper and easier to use, the pool of potential attackers widens. Small-time crooks can now act like sophisticated threat actors. The 40-hack month might be a preview of what's coming.
Crypto security teams are already scrambling. The industry will likely see more audits, faster patching cycles, and probably a push for AI-powered defense tools. But the cat-and-mouse game just got harder. The next concrete question: how many of those 40 hacks will be traced back to AI-assisted origin? Anthropic's data suggests most of them could be. That answer may come as investigations wrap up in the coming weeks.
