The AI Agent Revolution Can't Come Soon Enough—Except They're Leaking Private Keys

Crypto's biggest names are betting big on AI agents. McKinsey says these bots could handle $3 trillion to $5 trillion of global consumer commerce by 2030. Coinbase's Brian Armstrong recently declared that 'very soon' there will be more AI agents than humans making transactions online. Binance's Changpeng Zhao went further, predicting agents will process one million times more payments than humans—all in crypto. Apparently, the robots are coming for our DeFi yields whether we're ready or not.

But there's a problem. Security researchers just dropped a paper explaining how a mostly ignored piece of AI infrastructure is already being exploited to steal credentials and drain crypto wallets. Because nothing says 'trustless revolution' like accidentally handing your private keys to a sketchy middleman.

The culprit? So-called 'LLM routers'—services that sit between users and AI models like OpenAI or Anthropic. These routers forward requests to the actual AI models, but they also have full visibility into everything passing through them, including sensitive data. Think of them as that one guy at a party who reads every text message out loud and then wonders why nobody trusts him.

'LLM agents have moved beyond conversational assistants into systems that book flights, execute code, and manage infrastructure on behalf of users,' the researchers noted, highlighting how quickly these tools are taking on real-world financial tasks. Apparently, your AI assistant is now also your accountant, travel agent, and—thanks to this vulnerability—potential exit scammer.

The vulnerability is significant. Users think they're chatting directly with a reputable AI model when many requests actually pass through intermediary services that can see and modify that data. It's like ordering pizza delivery and having the driver secretly taste every slice before it reaches you. Sure, they promise they didn't add anything weird, but somehow you always end up with anchovies.

According to researcher Chaofan Shou, the problem is no longer theoretical. He posted on X that '26 LLM routers are secretly injecting malicious tool calls and stealing creds. One drained our client $500k wallet. We also managed to poison routers to forward traffic to us. Within several hours, we can directly take over ~400 hosts.' That's not a bug report, that's a crime scene.

'A malicious router can replace a benign command with an attacker-controlled one or