tradingkey.logo
tradingkey.logo
Search

Crypto Security Faces New Test As Rogue AI Agents Emerge

BitcoinistApr 14, 2026 2:00 AM
facebooktwitterlinkedin
View all comments0

Researchers from the University of California set up a trap — a crypto wallet loaded with a small amount of Ether and connected to third-party AI routing infrastructure. One of the routers took the bait. The wallet was drained. The loss was under $50, but the implications reached far beyond the dollar amount.

That experiment was part of a broader study published recently, in which researchers tested 428 large language model routers — 28 paid and 400 free — collected from public online communities.

What they found was alarming. Nine routers were actively inserting malicious code into traffic passing through them. Two were using evasion techniques to avoid detection. Seventeen accessed AWS credentials belonging to the researchers. One stole actual cryptocurrency.

How Routers Became A Security Blind Spot

LLM routers sit between a developer’s application and AI providers such as OpenAI, Anthropic, and Google. They work as intermediaries, bundling API access into a single pipeline.

The problem is structural. These routers terminate encrypted internet connections — known as TLS — and read every message in plain text before passing it along. That means anything sent through them, including private keys, seed phrases, and login credentials, is fully visible to whoever operates the router.

According to the researchers, the line between normal credential handling and outright theft is invisible from the client’s end. Developers have no way to tell the difference. A router that looks like a legitimate service can silently forward sensitive data to a third party without triggering any alarm.

Co-author Chaofan Shou said on X that 26 routers were found to be “secretly injecting malicious tool calls and stealing creds.”

Crypto

The study also flagged what researchers called “YOLO mode” — a setting built into many AI agent frameworks that lets agents run commands without stopping to ask users for approval.

A malicious router combined with an auto-executing agent could move funds or exfiltrate data before a developer even notices something went wrong.

Crypto Security: Free Access Used As Bait

Reports from the study indicate that free routers are especially suspect. Cheap or no-cost API access appears to be used as an incentive to get developers to route traffic through infrastructure that may be harvesting credentials in the background.

Even routers that start out clean are not safe — the researchers found that previously legitimate routers can be quietly turned malicious once operators reuse leaked credentials through poorly secured relay systems.

The recommended fix for now is straightforward: keep private keys and seed phrases out of any AI agent session entirely.

For the long term, researchers say AI companies need to cryptographically sign their responses so that the instructions an agent executes can be mathematically traced back to the actual model — cutting off the ability of any middleman to tamper with them undetected.

Featured image from Xage Security, chart from TradingView

Disclaimer: The information provided on this website is for educational and informational purposes only and should not be considered financial or investment advice.

Comments (0)

Click the $ button, enter the symbol, and select to link a stock, ETF, or other ticker.

0/500
Commenting Guidelines
Loading...

Recommended Articles

tradingkey.logo
* References, analysis, and trading strategies are provided by the third-party provider, Trading Central, and the point of view is based on the independent assessment and judgement of the analyst, without considering the investment objectives and financial situation of the investors.
Risk Warning: Our Website and Mobile App provides only general information on certain investment products. Finsights does not provide, and the provision of such information must not be construed as Finsights providing, financial advice or recommendation for any investment product.
Investment products are subject to significant investment risks, including the possible loss of the principal amount invested and may not be suitable for everyone. Past performance of investment products is not indicative of their future performance.
Finsights may allow third party advertisers or affiliates to place or deliver advertisements on our Website or Mobile App or any part thereof and may be compensated by them based on your interaction with the advertisements.
© Copyright: FINSIGHTS MEDIA PTE. LTD. All Rights Reserved.