Not only does AI tools help you put it on top of your email, they also give the scammers an edge when stealing your code.
Whether it’s by boosting traditional “social engineering” scams or writing crypto-stealing code disguised into legitimate JavaScript packages, AI is sitting behind the scenes to help profits roll out while organizing users from tokens.
I don’t trust anyone
According to Joey Santoro, a Decentralized Financial (DEFI) developer behind the FEI protocol and ERC-4626 (Tokenized Vault) token standard, a friend recently lost $2 million to a “sleek” Deepfark scam.
Santoro claims that Audio Deepfark from Paul Faecks, founder of Blockchain Plasma, focused on Stablecoin, was used to pitch the role of an advisor along with information that it was “a perfect match (friend’s) profile.”
During the call, the victim opened the file (although it was blocked by security software on the first attempt) that it was “”Password and private keys were successfully accessed. ”
Santoro warns users to “keep the encryption as isolated as possible from daily devices.”
Read more: Hong Kong Bust Crypto Scam Created “Excellent Women” Using AI Deepfake
While many responses to the post focus on the risk of maintaining such a large amount in an internet-connected “hot wallet,” Phantom Security highlighted the dangers of modern deepfake technology.
It’s hidden in the outlook
Last week, supply chain security company Paul McCarty reported a hidden wallet drain package in an example of “how threat actors can leverage AI to create more persuasive and dangerous malware.”
The expected patch manager includes a “sleek cryptocurrency wallet drainer with multiple malicious features” designed to target “unsuspecting developers and users of their applications.”
It is disguised as a genuine open source “NPM Registry Cache Manager” that appears to provide “license verification and registry optimization.”
However, the source code provides the game with documentation that includes the “name”.Enhanced Stealth Wallet Drainer. ”
Apart from the obvious naming gaffe, McCarty pointed out that “malware is surprisingly well written” and likely deployed in the UTC +5 timezone (which can refer to Russian, Chinese, or Indian authors).
The clue that leads McCarty to believe that the source code is written in AI is that it is primarily a stylistic prize. The presence of emojis, excessive use of console messages, frequency and details of comments, and other style markers.
It appears that 19 versions of the package, released on July 28th, were downloaded more than 1,500 times before it was marked malicious on July 30th.
Read more: Coindcx Hack: $44 million after Dev opens file from side gig
On the back?
The AI tools clearly support attackers, but they don’t seem to be that strong in defensiveness.
The “The Largest Open Red Teaming Study of AI Agents to date” sponsored by the AI Security Institute and top AI companies, hackers received a $170,000 prize money to test the security of many AI agents.
Read more: Coinbase Leak prompts KYC criticism from Crypto executives
The resulting “1.8 million rapid injection attacks” have ended 60,000 successful violations “Unauthorized access to data, illegal financial measures, regulatory non-violation, etc.”
Lead author Andy Elephant emphasized that even the best performance models have an attack success rate of 1.5%, and the “favorite obstacle” mechanism involves performing prohibited actions while refusing to reject the model’s UI.
AI traders beat Warren Buffet
Elsewhere, the AI model plays somewhere between Berkshire Hathaway and the S&P.
Read more: Songs for Pumping and Dumping: Crypto’s Spotify Leak
The trading bot based on Claude Sonnet 4 sits in a PNL just over 2% behind the S&P, nearly two months after the $100,000 experiment/trading competition.
The GPT 4.1 model rose 0.6%, surpassing Berkshire Hathaway’s 3.6% loss.
Discover more from Earlybirds Invest
Subscribe to get the latest posts sent to your email.
