Researchers at the University of California have disclosed security risks in certain third-party AI large language model (LLM) routers that could lead to the theft of cryptocurrency assets. Testing revealed that nine out of 28 paid and 400 free routers actively injected malicious code, two deployed evasion triggers, and 17 accessed Amazon Web Services credentials, even transferring ETH using the researchers’ Ethereum private key. The study recommends developers avoid transmitting private keys or seed phrases through AI agents and calls on AI companies to implement cryptographic signing of responses to enhance security.
Study Reveals Security Vulnerabilities in AI Routers That Could Lead to Crypto Theft
AiCoinShare
Summary
A new study in AI and crypto news reveals security vulnerabilities in AI-powered routers that could lead to crypto theft. Researchers tested 28 paid and 400 free AI-powered routers, discovering nine that injected malicious code, two that employed evasion triggers, and 17 that accessed AWS credentials. Some even stole ETH using test private keys. The report warns against transmitting private keys or mnemonics through AI agents and urges the adoption of encrypted signatures to mitigate security risks.
Source:Show original
Disclaimer: The information on this page may have been obtained from third parties and does not necessarily reflect the views or opinions of KuCoin. This content is provided for general informational purposes only, without any representation or warranty of any kind, nor shall it be construed as financial or investment advice. KuCoin shall not be liable for any errors or omissions, or for any outcomes resulting from the use of this information.
Investments in digital assets can be risky. Please carefully evaluate the risks of a product and your risk tolerance based on your own financial circumstances. For more information, please refer to our Terms of Use and Risk Disclosure.