Physical Address
304 North Cardinal St.
Dorchester Center, MA 02124
Opinion of: Danor Cohen, co-founder and CTO of Kerberus
In 2025, crypto risk is a torrent. AI is turbocharge scams. Deepfake pitches, voice clones, synthetic support agents – all these are no longer fringe tools but first-line weapons. Last year, crypto scams probably reached a record high. The proceeds of crypto fraud reached at least $9.9 billionpartly driven by AI-enabled generative methods.
Meanwhile, in 2025, more than $2.17 billion was stolen – and this is only in the first half of the year. Personal wallet compromises now account for nearly 23% of stolen funds cases.
However, the industry responds with essentially the same tired toolkit: audits, blacklists, refund promises, user awareness drives and post-incident write-ups. These are reactive, slow and poorly suited to a threat that evolves at machine speed.
AI is the alarm bell of crypto. It tells us how vulnerable the current structure is. Unless we move from patchwork reaction to baked resilience, we risk a collapse not in price, but in confidence.
AI has reshaped the battlefield
Scams involving deepfakes and synthetic identities have gone from novelty headlines to mainstream tactics. Generative AI is used to scale the bait, clone voices and trick users into sending funds.
The most significant change is not just a matter of scale. It is the speed and personalization of deception. Attackers can now replicate trusted environments or people almost instantly. The shift toward real-time defense must also accelerate—not just as a feature, but as a vital part of the infrastructure.
Outside of the crypto sector, regulators and financial authorities are waking up. The Monetary Authority of Singapore published a deepfake risk advisory to financial institutions, signaling that AI systemic deception is on their radar.
The threat has evolved; the industry’s security mentality has not.
Reactive security leaves the user as a walking target
Security in crypto has long relied on static defenses, including audits, bug bounties, code audits and blocklists. These tools are designed to identify code weaknesses, not behavioral cheating.
While many AI scams focus on social engineering, it is also true that AI tools are increasingly used to find and exploit code vulnerabilities, automatically scanning thousands of contracts.
The risk is twofold: technical and human.
When we rely on block lists, attackers simply spin up new wallets or phantom domains. When we depend on audits and reviews, the exploitation is already live. And when we treat each incident as a “user error,” we absolve ourselves of responsibility for systemic design flaws.
Related: Crisis management for CEX during a cyber security threat
In traditional finance, banks can block, reverse or freeze suspicious transactions. In crypto, a signed transaction is final. And that finality is one of the crowning characteristics of crypto and becomes its Achilles heel when fraud is instantaneous.
In addition, we often advise users: “Do not click unknown links” or “Check addresses carefully”. These are acceptable best practices, but today’s attacks usually come from trusted sources.
No amount of prowess can keep pace with an opponent who continually adapts and customizes attacks in real time.
Embed protection into the fabric of transaction logic
It’s time to evolve from defense to design. We need transaction systems that react before the damage is done.
Consider wallets that detect anomalies in real time and not only report suspicious behavior, but also intervene before damage occurs. This means needing extra confirmation, holding transactions temporarily or analyzing the intent: is this to a known counterparty? Is the quantity out of the model? Does the address indicate a history of previous scam activity?
The infrastructure must support shared intelligence networks. Wallet services, nodes and security providers should exchange behavioral signals, address reputation threat and anomaly scores with each other. Attackers will not be able to jump through silos unhindered.
Similarly, contract-level fraud detection frameworks scrutinize contract bytecode to flag phishing, Ponzi, or honeypot behaviors in smart contracts. Again, these are retrospective or stratified instruments. What is critical now is to move these capabilities into user workflows—into wallets, signature processes, and transaction verification layers.
This approach does not require heavy AI anywhere; it requires automation, distributed detection loops and a coordinated consensus on risk, all embedded in transaction streams.
If the crypto does not act, it loses the narrative
Let the regulators define the fraud protection architecture, and we will be limited. But they are not waiting. Regulators are effectively preparing to regulate financial fraud as part of algorithmic surveillance.
If crypto doesn’t voluntarily adopt systemic protections, regulation will impose them—likely through rigid frameworks that limit innovation or impose centralized controls. The industry can drive its own evolution or legislate for it.
From defense to insurance
Our job is to restore trust. The goal is not to make hacking impossible, but to make irreversible loss intolerable and exceedingly rare.
We need “insurance-level” behavior: transactions that are effectively monitored, with fallback checks, pattern fuzzing, anomaly break logic, and built-in shared threat intelligence. Portfolios should no longer be silent signature tools, but active participants in risk detection.
We must challenge the dogmas. Self-care is necessary, but not sufficient. We have to stop treating security tools as optional – they should be the default. Education is valuable, but design is decisive.
The next frontier is not speed or performance; is fraud resistance. Innovation should not flow from how quickly blockchains are installed, but from how reliably they prevent malicious flows.
Yes, AI has exposed weaknesses in the crypto security model. But the threat is not smarter scams; it is our refusal to evolve.
The answer is not to embed AI in every wallet; it’s about building systems that make AI-powered cheating unprofitable and unviable.
If defenders remain reactive, issuing autopsies and blaming users, deception will continue to outpace defense.
Crypto doesn’t need to outsmart AI in every battle; must overcome it by embedding trust.
Opinion of: Danor Cohen, co-founder and CTO of Kerberus.
This article is for general information purposes and is not intended to be and should not be taken as legal or investment advice. The views, thoughts and opinions expressed herein are solely those of the author and do not necessarily reflect or represent the views and opinions of Cointelegraph.
