Crypto platforms – and investors – have long suffered from hacker attacks and exploits. Now artificial intelligence (AI) is making this threat even worse.
That’s according to Charles Guillemet, chief technology officer at crypto wallet provider Ledger, who said the economics of cybersecurity are collapsing as AI tools make it faster and cheaper to attack systems.
“Finding vulnerabilities and exploiting them becomes really, really easy,” Guillemet told CoinDesk in an interview. “Costs are coming down to zero.”
His remarks come as crypto theft is in the headlines again. This week, the Solana-based decentralized finance protocol Drift was exploited, with attackers draining $285 million in digital assets. It is one of the most serious feats of the year so far. A week before that, an attack on the Resolv dividend protocol led to $25 million in losses.
All told, over $1.4 billion in assets were stolen or lost in crypto attacks over the past year, according to data from DefiLlama.
From asymmetry to arms race
Security has long relied on an imbalance: it should be harder and more expensive to hack a system than the potential reward.
But AI is eroding that advantage. Tasks that once took skilled researchers months, such as reverse engineering software or chain operation, can now be done in seconds with the right prompts.
For crypto, where code often controls large pools of funds, this shift raises the stakes.
“You have to be perfect,” Guillemet warned teams developing blockchain protocols.
The problem is exacerbated by AI-generated code. As more developers rely on AI tools, vulnerabilities can spread more quickly.
“There is no ‘make it safe’ button,” he said. “We’re going to produce a lot of code that will be insecure by design.”
Raises the safety bar
For crypto protocols, this means rethinking security from the ground up.
Guillemet pointed to formal verification — using mathematical proofs to validate code — as a stronger approach than traditional audits, which can miss bugs.
Hardware-based security is another layer, he said. Devices such as hardware wallets isolate private keys from internet-connected systems, reducing exposure.
“When you have a dedicated device that’s not exposed to the Internet, it’s more secure by design,” he said.
This approach becomes more relevant as malware becomes more sophisticated. Guillemet described attacks that scan compromised phones for wallet seed phrases, allowing hackers to drain funds without user interaction.
For average crypto users, Guillemet’s message is blunt: assume that systems can and will fail.
“You can’t trust most of the systems you use,” Guillemet said.
It can push more users towards cold storage, stronger operational security and keeping sensitive data offline. Even then, risks extend beyond software, including physical attacks targeting crypto holders.
Guillemet expects a turning point ahead. Critical systems like wallets and protocols will invest heavily in security and adapt. But much of the wider software ecosystem may struggle to keep up.
“It’s really easier to hack everything,” he said.
