Researchers at the University of California (UC) have revealed that third-party AI Large Language Model (LLM) routers contain security vulnerabilities that could lead to cryptocurrency theft, Cointelegraph reported. The researchers explained, "After testing 28 paid routers and 400 free routers, it was found that 9 were injecting malicious code, 17 accessed Amazon Web Services (AWS) credentials owned by the researchers, and one actually stole ETH from a wallet owned by the researchers." LLM routers are third-party API intermediaries that integrate access to AI providers such as OpenAI, Anthropic, and Google, and can expose developers' private keys, seed phrases, and sensitive data when performing smart contract or wallet operations through AI coding agents.
