Research finds that third-party AI routers have security vulnerabilities, which may lead to cryptocurrency theft

According to market news, researchers from the University of California recently disclosed that some third-party AI large language model (LLM) routers have security risks that could lead to the theft of cryptocurrency assets. The research shows that LLM routers, acting as API intermediaries, can read plaintext information, and some routers have been found to inject malicious code and steal credentials.

The team tested 28 paid and 400 free routers, finding that 9 routers actively injected malicious code, 2 deployed evasion triggers, and 17 accessed Amazon Web Services credentials. Some routers even transferred ETH using the researchers' Ethereum private keys.

The study pointed out that the malicious behavior of the routers is difficult to detect, and some AI agent frameworks' "YOLO mode" can automatically execute commands, increasing security risks. The research recommends that developers should not allow private keys or mnemonic phrases to be transmitted through AI agents and calls on AI companies to encrypt signatures in responses to enhance security.