Anthropic released a public version of its Mythos AI model this week without basic cybersecurity protections, according to the company. The stripped-down launch — which omits features like input sanitization, rate limiting, and adversarial attack detection — comes as crypto exchanges, DeFi protocols, and trading bots lean more heavily on large language models for customer support, transaction analysis, and automated trading decisions. The timing isn't great.
What Anthropic released
The Mythos-class model, a successor to Anthropic's earlier Claude line, was made available through a public API and a web interface. But the company confirmed it shipped without the safety guardrails that typically prevent prompt injection, data leakage, or model misuse. Anthropic described the release as a 'limited experiment to gauge real-world behavior,' but didn't specify how long the unprotected version would remain online or whether user data from the trial would be logged without consent.
Why crypto is at risk
Crypto companies have been among the fastest adopters of generative AI. Several major exchanges now use language models to field support tickets, flag suspicious transactions, and even generate smart-contract code. An AI without security features could be manipulated — for example, tricked into revealing private keys, bypassing fraud checks, or generating vulnerable contract logic. The attack surface is real, and the industry has few redundancies in place.
The broader urgency
Anthropic's own release notes acknowledge that the unprotected Mythos model "highlights an urgent need for enhanced cybersecurity measures across industries, particularly in crypto." Regulators haven't commented yet, but the episode is likely to fuel calls for mandatory AI safety audits before integration into financial infrastructure. For now, crypto teams running Mythos — or any unvetted open-weight model — have a patch-up job ahead of them.
The next concrete step: Anthropic has said it will publish a post-experiment report by the end of the month. Until then, the industry is left guessing how many systems have already connected to the unsecured model — and what data may have been exposed.
