TechFlow News, April 13: According to a CoinDesk report, researchers from the University of California, Santa Barbara; the University of California, San Diego; blockchain security firm Fuzzland; and World Liberty Financial have jointly published a paper warning that “LLM routers”—intermediary services positioned between users and AI models—have become a major security threat to crypto assets. The researchers discovered that 26 LLM routers are secretly injecting malicious tool calls and stealing user credentials; in one incident, a customer’s cryptocurrency wallet containing $500,000 was completely drained.
Moreover, by “poisoning” the router ecosystem, the researchers were able to gain control over approximately 400 downstream hosts within hours. Since sensitive data—including private keys and API credentials—is frequently transmitted in plaintext through these routers, users unknowingly expose their assets to risk.
The researchers note that as McKinsey forecasts AI agents will mediate $3–5 trillion in global consumer commerce by 2030—and Binance founder Changpeng Zhao predicts AI agents’ payment volume will be one million times greater than that of humans—the current infrastructure’s security lags severely behind industry development speed. Risks associated with this “weakest link” could trigger systemic, cascading crises.
