Here’s what happened in crypto today

Today in crypto, the European Union targets 11 crypto platforms in its latest sanctions package, Anthropic’s release of Claude Mythos put some crypto users on edge and unverified smart contracts were linked to at least $36.7 million in losses across four DeFi exploits since January.

EU proposes ban on 11 crypto platforms in Russia sanctions push

The EU proposed banning transactions on 11 crypto platforms as part of its 21st sanctions package against Russia.

Kaja Kallas, vice president of the European Commission and the EU’s high representative for foreign affairs and security policy, outlined measures targeting banks, weapons manufacturers, oil traders, refineries and other entities outside the bloc.

Source: Kaja Kallas

“We will also tighten our ban for crypto-asset services to certain third countries, add new designations, and ban transactions on 11 crypto platforms,” Kallas said in a post on X.

The proposal would widen the EU’s sanctions campaign beyond Russian banks and energy revenues to crypto firms accused of helping Moscow circumvent restrictions imposed over its war in Ukraine.

European Commission President Ursula von der Leyen said the targets had served sanctioned Russian individuals and entities or helped circumvent EU measures.

Crypto wary as Anthropic releases Claude Mythos

Anthropic on Tuesday released the first public version of its powerful Claude Mythos model that uncovered thousands of major vulnerabilities last month, with some crypto users worried it could be used for malicious purposes despite embedded guardrails. 

The company said the model, called Fable 5, was “made safe for general use,” and reroutes some topics, such as cybersecurity, to a different model as “without safeguards, Fable 5’s capabilities in areas like cybersecurity could be misused to cause serious damage.”

Source: Claude

That did little to reassure crypto users, such as Moonrock Capital founder Simon Dedic, who said the “cost and skill required to find exploitable flaws in smart contracts is about to drop to basically zero.” He also urged crypto users to revoke wallet approvals and move crypto to fresh hardware wallets to protect themselves.

Curve Finance co-founder Michael Egorov, however, said that the threat Claude Mythos posed to crypto was likely overblown as its success in finding bugs in other software might not translate to funding smart contract vulnerabilities in crypto due to differences in coding.

Unverified DeFi contracts linked to $36.7M in losses: Chainalysis

Unverified smart contracts were linked to at least $36.7 million in losses across four DeFi exploits over the past six months, as attackers increasingly target protocols whose source code is not publicly available, according to Chainalysis.

The largest incident involved Truebit, which lost $26.2 million after an attacker exploited an integer overflow vulnerability in a contract that had remained unverified on Ethereum since 2021. The other incidents involved Trusted Volumes, Aperture Finance and Ekubo, according to the report.

In each case, the exploited contract had not been verified on a blockchain explorer, meaning its source code was not publicly available for review. According to Chainalysis, that limited scrutiny from security researchers and excluded the contracts from many bug bounty programs despite controlling user funds.

Chainalysis attributed the trend in part to advances in decompilation tools and artificial intelligence, which can help attackers reverse-engineer smart contract bytecode and identify vulnerabilities even when source code is not publicly available.

Five protocols saw exploits on unverified smart contracts since January.
Source: Chainalysis