Major Security Vulnerability Found in AI Agent Crypto Payment Infrastructure; LLM Router Leads to $500,000 Wallet Theft
According to CoinDesk, researchers from the University of California, Santa Barbara; the University of California, San Diego; blockchain security firm Fuzzland; and World Liberty Financial jointly published a paper warning that “LLM routers”—intermediary services positioned between users and AI models—have become a major threat to cryptocurrency asset security. The researchers discovered that 26 LLM routers are secretly injecting malicious tool calls and stealing user credentials, with one incident resulting in the complete draining of a customer’s cryptocurrency wallet worth $500,000.
Additionally, by “poisoning” the router ecosystem, the researchers were able to gain control of approximately 400 downstream hosts within hours. Since sensitive data—including private keys and API credentials—is frequently transmitted in plaintext through these routers, users unknowingly expose their assets to risk.
The researchers note that as McKinsey forecasts AI agents will mediate $3–5 trillion in global consumer commerce by 2030—and Binance founder Changpeng Zhao predicts AI agents’ payment volume will be one million times greater than that of humans—the current infrastructure’s security lags far behind the pace of industry development. The “weakest link” risk could thus trigger systemic, cascading crises.