GetChain News

Security/Hacker

News linked to both this project and an event.

Major Security Vulnerability Found in AI Agent Crypto Payment Infrastructure; LLM Router Leads to $500,000 Wallet Theft

According to CoinDesk, researchers from the University of California, Santa Barbara; the University of California, San Diego; blockchain security firm Fuzzland; and World Liberty Financial jointly published a paper warning that “LLM routers”—intermediary services positioned between users and AI models—have become a major threat to cryptocurrency asset security. The researchers discovered that 26 LLM routers are secretly injecting malicious tool calls and stealing user credentials, with one incident resulting in the complete draining of a customer’s cryptocurrency wallet worth $500,000. Additionally, by “poisoning” the router ecosystem, the researchers were able to gain control of approximately 400 downstream hosts within hours. Since sensitive data—including private keys and API credentials—is frequently transmitted in plaintext through these routers, users unknowingly expose their assets to risk. The researchers note that as McKinsey forecasts AI agents will mediate $3–5 trillion in global consumer commerce by 2030—and Binance founder Changpeng Zhao predicts AI agents’ payment volume will be one million times greater than that of humans—the current infrastructure’s security lags far behind the pace of industry development. The “weakest link” risk could thus trigger systemic, cascading crises.

Research Finds Security Vulnerabilities in Third-Party AI Routers That Could Lead to Cryptocurrency Theft

According to Cointelegraph, researchers from the University of California recently revealed security risks in certain third-party AI large language model (LLM) routers that could lead to the theft of cryptocurrency assets. The study found that LLM routers—acting as API intermediaries—can read plaintext information; some routers were discovered injecting malicious code and stealing credentials. The research team tested 28 paid and 400 free routers, identifying nine routers that actively injected malicious code, two that deployed trigger-avoidance mechanisms, and 17 that accessed Amazon Web Services (AWS) credentials. One router even transferred ETH using the researchers’ Ethereum private key. The study notes that malicious behavior by routers is difficult to detect, and the “YOLO mode” present in some AI agent frameworks—which automatically executes commands—further increases security risks. Researchers recommend that developers avoid transmitting private keys or mnemonic phrases through AI agents and urge AI companies to implement cryptographic signing of responses to enhance security.