Articles
Crypto Market Analysis

Researchers discover malicious AI agent routers that can steal crypto

User Image

โดย ไม่ระบุชื่อ

สร้างแล้ว April 13, 2026|อ่านใน 2 นาที
Main Image

26 LLM routers are “secretly injecting malicious tool calls and stealing creds,” warns researcher Chaofan Shou.

University of California researchers have discovered that some third-party AI large language model (LLM) routers can pose security vulnerabilities that can lead to crypto theft. 

A paper measuring malicious intermediary attacks on the LLM supply chain, published on Thursday by the researchers, revealed four attack vectors, including malicious code injection and extraction of credentials. 

“26 LLM routers are secretly injecting malicious tool calls and stealing creds,” said the paper’s co-author, Chaofan Shou, on X.

LLM agents increasingly route requests through third-party API intermediaries or routers that aggregate access to providers like OpenAI, Anthropic and Google. However, these routers terminate Internet TLS (Transport Layer Security) connections and have full plaintext access to every message. 

This means that developers using AI coding agents such as Claude Code to work on smart contracts or wallets could be passing private keys, seed phrases and sensitive data through router infrastructure that has not been screened or secured.

The researchers tested 28 paid routers and 400 free routers collected from public communities. 

Their findings were startling, with nine routers actively injecting malicious code, two deploying adaptive evasion triggers, 17 accessing researcher-owned Amazon Web Services credentials, and one draining Ether (ETH) from a researcher-owned private key.

Related: Anthropic limits access to AI model over cyberattack concerns

The researchers prefunded Ethereum wallet “decoy keys” with nominal balances and reported that the value lost in the experiment was below $50, but no further details such as the transaction hash were provided. 

The authors also ran two “poisoning studies” showing that even benign routers become dangerous once they reuse leaked credentials through weak relays.

The researchers said it was not easy to detect when a router was malicious.  

Another unsettling find was what the researchers called “YOLO mode.” This is a setting in many AI agent frameworks where the agent executes commands automatically without asking the user to confirm each one.

Previously legitimate routers can be silently weaponized without the operator even knowing, while free routers may be stealing credentials while offering cheap API access as the lure, the researchers found.

The researchers recommended that developers using AI agents to code should bolster client-side defenses, suggesting never letting private keys or seed phrases transit an AI agent session.

The long-term fix is for AI companies to cryptographically sign their responses so the instructions an agent executes can be mathematically verified as coming from the actual model. 

Magazine: Nobody knows if quantum secure cryptography will even work

Source: CoinTelegraph


บทความอื่นๆที่เผยแพร่เมื่อเร็วๆนี้

Ondo Finance debuts SEC-aligned tokenized stock model with BlackRock ETF, Micron shares
Ondo Finance debuts SEC-aligned tokenized stock model with BlackRock ETF, Micron shares

Crypto Market Analysis

Broadridge and transfer agent Oasis Pro underpin a new structure that keeps tokenized securities wit...

Ether and solana extend gains as a short squeeze lifts bitcoin toward $62,000
Ether and solana extend gains as a short squeeze lifts bitcoin toward $62,000

Bitcoin

Bearish traders lost $281 million in liquidations over 24 hours, nearly double the longs, as bitcoin...

XRP bulls test path back toward $1.10 as token zips 4% higher
XRP bulls test path back toward $1.10 as token zips 4% higher

Crypto Market Analysis

Buyers defended a higher low and pushed XRP toward near-term resistance, though the move still needs...

Finally. $221 million flow into Bitcoin ETFs, ending a painful 10-day outflow streak
Finally. $221 million flow into Bitcoin ETFs, ending a painful 10-day outflow streak

Bitcoin

Spot ETFs had their strongest inflow day in two months, driven by funds other than BlackRock’s IBI...

Bitcoin holds $61K after US jobs data report, AI sector weakness: Did BTC bottom?
Bitcoin holds $61K after US jobs data report, AI sector weakness: Did BTC bottom?

Bitcoin

Bitcoin bulls may make a run on $70,000 after weak US jobs data eased rate hike fears and capital lo...

Securitize gains on NYSE debut with tokenized stocks live on Solana, Avalanche
Securitize gains on NYSE debut with tokenized stocks live on Solana, Avalanche

Solana

Securitize has issued tokenized versions of its shares on Solana and Avalanche, marking the first ti...