According to a report by CoinDesk on April TechFlow, researchers from the University of California, Santa Barbara, the University of California, San Diego, blockchain security company Fuzzland, and World Liberty Financial jointly published a paper warning that "LLM routers"—intermediary services located between users and AI models—have become a major vulnerability to crypto asset security. The researchers discovered that 26 LLM routers were secretly injecting malicious tools to call and steal user credentials, with one incident resulting in the emptying of a customer's crypto wallet worth $500,000.
Furthermore, researchers were able to control approximately 400 downstream hosts within hours by "polluting" the router ecosystem. Because sensitive data such as private keys and API credentials are often transmitted in plaintext through these routers, users are effectively exposing their assets to risk without their knowledge.
Researchers point out that as McKinsey predicts AI agents will mediate $3 trillion to $5 trillion in global consumer commerce by 2030, Binance founder CZ also predicts that AI agents will handle millions of times more payments than humans. Currently, infrastructure security is lagging far behind the industry's development speed, and the risk of the "weakest link" may trigger a systemic chain crisis.
