What it is: These attacks try to get an AI to help steal cryptocurrency or run scams against crypto users and protocols. The targets include wallets, exchanges, DeFi contracts, and ordinary investors. How the attacks work: The attacker asks the AI for working steps, code, or scripts to drain funds or trick people. They often dress it up as “security research” or “testing” so the request sounds legitimate while the real aim is theft. Real examples from the framework:
  • wallet-drainer asks for code that empties a victim’s crypto wallet once they connect.
  • seed-phrase-phishing builds a fake page or message to trick users into typing their recovery words.
  • rug-pull-creation sets up a token project designed to collapse and run off with buyers’ money.
  • flash-loan-attack plans an exploit that borrows huge sums to manipulate a DeFi pool.
  • private-key-theft seeks ways to grab the secret keys that control someone’s funds.
Why an AI might fall for it: Much of this overlaps with real blockchain security work, so the request can look educational. The AI may explain attacks meant to teach defense and instead hand over a ready-to-use weapon. How to defend:
  • Separate teaching concepts from giving working theft tools or live exploit code.
  • Refuse anything aimed at draining wallets, phishing seed phrases, or scamming investors.
  • Be extra careful when “research” framing asks for deployable steps against real users.