Opinion: Danor Cohen, Kerberus Co-Founder and Chief Technology Officer
In 2025, there will be a torrent of cryptocurrency risks. AI accelerates fraud. Deepfake pitches, voice clones, synthetic support agents – these are all no longer peripheral tools, but front-line weapons. Cryptocurrency fraud may have hit an all-time high last year. Cryptocurrency fraud revenue has reached at least $9.9 billion, driven in part by methods that leverage generative AI.
Meanwhile, more than $2.17 billion was stolen in 2025, but that happened in the first half of this year. Personal wallet compromises currently account for nearly 23% of fund theft incidents.
Yet the industry is essentially responding with the same old toolkit: audits, blacklists, reimbursement promises, user awareness, and post-incident reporting. They are reactive and slow, making them unsuitable for threats that evolve at the speed of machines.
AI is a wake-up call for cryptocurrencies. This shows how fragile the current structure is. Unless we move from patchwork reactions to built-in resilience, we risk a collapse in confidence, not prices.
AI reshapes the battlefield
Scams using deepfakes and synthetic identities have gone from novelty headlines to mainstream tactics. Generative AI is being used to scale decoys, replicate voices, and trick users into transferring funds.
The most important change is not just a matter of scale. It’s the speed and personalization of deception. Attackers can now replicate trusted environments and people almost instantly. The transition to real-time defense must also accelerate, not just as a feature but as a critical part of the infrastructure.
Even outside the cryptocurrency sector, regulators and financial authorities are starting to wake up. The Monetary Authority of Singapore has issued an advisory on deepfake risks for financial institutions, indicating that organized AI deception is being monitored.
Threats are evolving. The industry’s approach to security hasn’t changed.
With reactive security, users become roaming targets.
Cryptocurrency security has long relied on static defenses such as audits, bug bounties, code audits, and blocklists. These tools are designed to identify weaknesses in your code, not behavioral deceptions.
While many AI frauds focus on social engineering, it is also true that AI tools are increasingly being used to find and exploit vulnerabilities in code, automatically scanning thousands of contracts.
There are two types of risks: technical risks and human risks.
Relying on blocklists allows attackers to simply launch new wallets or phantom domains. If you rely on audits and reviews, the exploit is already enabled. And treating all incidents as “user error” absolves you of liability for system design flaws.
In traditional finance, banks can block, reverse, or freeze suspicious transactions. In cryptocurrencies, signed transactions are final. And that finality is one of cryptocurrency’s best features and its Achilles heel when fraud is instantaneous.
Additionally, we often advise users to “do not click on unknown links” or “check the address carefully”. While these are acceptable best practices, today’s attacks typically come from trusted sources.
No amount of vigilance can keep up with attackers who continually adapt and personalize their attacks in real time.
Embedding protection into the structure of your transaction logic
It’s time to evolve from defense to design. We need a trading system that can respond before damage occurs.
Consider a wallet that detects anomalies in real-time and not only flags suspicious behavior, but also intervenes before harm occurs. This means we may need to request additional confirmations, temporarily hold transactions, or analyze intent. Is this for a known counterparty? Is the amount outside the regulations? Does the address show a history of previous fraudulent activity?
The infrastructure must support a shared intelligence network. Wallet services, nodes, and security providers must exchange behavioral signals, threat address reputations, and anomaly scores with each other. Attackers should not be able to jump across silos unimpeded.
Similarly, contract-level fraud detection frameworks scrutinize contract bytecodes to flag phishing, Ponzi, or honeypot behavior in smart contracts. Again, these are retrospective or layered tools. The key now is to move these capabilities into the user workflow: the wallet, signature process, and transaction validation layer.
This approach doesn’t require advanced AI everywhere. It requires automation, decentralized detection loops, and coordinated consensus around risk, all of which are built into transaction lanes.
If cryptocurrencies don’t work, the story will be lost.
If you let regulators define your anti-fraud architecture, you will ultimately be constrained. But they don’t wait. Regulators are effectively preparing to regulate financial deception as part of algorithmic oversight.
If cryptocurrencies do not voluntarily adopt systemic protections, regulation will impose them, perhaps through strict frameworks that stifle innovation or force centralized control. Industry can lead its own evolution or legislate for it.
From protection to assurance
Our task is to restore confidence. The goal is not to make hacking impossible, but to make irreparable loss intolerable and extremely rare.
We need “insurance-grade” behavior, transactions that are effectively monitored by fallback checks, pattern fuzzing, abnormal pause logic, and built-in shared threat intelligence. Wallets should no longer be dumb signing tools, but active participants in risk detection.
We must challenge dogma. Self-custody is necessary but not sufficient. Stop treating security tools as optional. Security tools should be default. Education is important, but design is decisive.
The next frontier is not about speed or yield. That’s fraud prevention. Innovation should not come from how quickly blockchains take hold, but from how reliably they block malicious flows.
Yes, AI has exposed weaknesses in the security model of cryptocurrencies. But the threat is not an elaborate scam. It’s refusing us to evolve.
The answer is not to build AI into every wallet. It’s about building a system that makes AI-enabled deception profitable and unfeasible.
If defenders continue to be reactive by conducting postmortem investigations and blaming users, deception will continue to outweigh defense.
Cryptocurrency doesn’t need to outsmart AI in every battle. We must go beyond that by embedding trust.
Opinion: Danor Cohen, Co-Founder and Chief Technology Officer of Kerberus.
This article is for general informational purposes only and is not intended to be, and should not be taken as, legal or investment advice. The views, ideas, and opinions expressed herein are those of the author alone and do not necessarily reflect or represent the views and opinions of Cointelegraph.
