A recent study by researchers at the University of California has revealed alarming security vulnerabilities in third-party AI large language model (LLM) routers, which can facilitate cryptocurrency theft. The paper published on Thursday outlines four main attack vectors, including malicious code injection and the extraction of credentials. Co-author Chaofan Shou noted that 26 LLM routers were found to be secretly injecting malicious tool calls and stealing credentials. The research involved testing 28 paid routers and 400 free routers, revealing that nine routers were actively injecting malicious code and one drained Ether (ETH) from a researcher-owned private key. The researchers emphasized the difficulty in detecting malicious routers, as they read secrets in plaintext during normal operations. They also identified a concerning feature known as 'YOLO mode' in many AI frameworks, which allows agents to execute commands without user confirmation, potentially weaponizing previously legitimate routers. To mitigate these risks, developers are recommended to enhance client-side defenses and avoid passing sensitive information through AI agent sessions. The long-term solution proposed involves AI companies cryptographically signing their responses to ensure the integrity of the commands executed by agents.