LogoAgentHunter
  • Submit
  • Industries
  • Categories
  • Agency
Logo
LogoAgentHunter

Discover, Compare, and Leverage the Best AI Agents

Featured On

Featured on yo.directory
yo.directory
Featured on yo.directory
Featured on Startup Fame
Startup Fame
Featured on Startup Fame
AIStage
Listed on AIStage
Sprunkid
Featured on Sprunkid
Featured on Twelve Tools
Twelve Tools
Featured on Twelve Tools
Listed on Turbo0
Turbo0
Listed on Turbo0
Featured on Product Hunt
Product Hunt
Featured on Product Hunt
Game Sprunki
Featured on Game Sprunki
AI Toolz Dir
Featured on AI Toolz Dir
Featured on Microlaunch
Microlaunch
Featured on Microlaunch
Featured on Fazier
Fazier
Featured on Fazier
Featured on Techbase Directory
Techbase Directory
Featured on Techbase Directory
backlinkdirs
Featured on Backlink Dirs
Featured on SideProjectors
SideProjectors
Featured on SideProjectors
Submit AI Tools
Featured on Submit AI Tools
AI Hunt
Featured on AI Hunt
Featured on Dang.ai
Dang.ai
Featured on Dang.ai
Featured on AI Finder
AI Finder
Featured on AI Finder
Featured on LaunchIgniter
LaunchIgniter
Featured on LaunchIgniter
Imglab
Featured on Imglab
AI138
Featured on AI138
600.tools
Featured on 600.tools
Featured Tool
Featured on Featured Tool
Dirs.cc
Featured on Dirs.cc
Ant Directory
Featured on Ant Directory
Featured on MagicBox.tools
MagicBox.tools
Featured on MagicBox.tools
Featured on Code.market
Code.market
Featured on Code.market
Featured on LaunchBoard
LaunchBoard
Featured on LaunchBoard
Genify
Featured on Genify
Copyright © 2025 All Rights Reserved.
Product
  • AI Agents Directory
  • AI Agent Glossary
  • Industries
  • Categories
Resources
  • AI Agentic Workflows
  • Blog
  • News
  • Submit
  • Coummunity
  • Ebooks
Company
  • About Us
  • Privacy Policy
  • Terms of Service
  • Sitemap
Friend Links
  • AI Music API
  • ImaginePro AI
  • Dog Names
  • Readdit Analytics
Back to News List

AI Crypto Plugins Pose Security Risks as Vulnerabilities Exposed

May 25, 2025•Mikaia ANDRIAMAHAZOARIMANANA•Original Link•4 minutes
Cryptocurrency
AI Security
Blockchain

AI plugins designed to assist with cryptocurrency management may inadvertently expose wallets to hackers due to critical vulnerabilities in MCP protocols.

Published: Sun 25 May 2025 | 5 min read | By Mikaia A.

Robot hand sending a transaction in a crypto wallet interface

Key Takeaways

  • Crypto AI agents use the Model Context Protocol (MCP), which is flexible but vulnerable to targeted attacks.
  • Malicious plugins can hijack AI agents to steal private keys and crypto funds.
  • SlowMist identified four major attack vectors through an educational project called MasterMCP.
  • Securing plugins, behaviors, and privileges must become a top priority for crypto AI developers.

The Emergence of a New Threat

Artificial intelligence is rapidly entering the crypto space. By the end of 2024, over 10,000 crypto AI agents were active, with projections exceeding one million by 2025. These AI agents, seen as a revolution in the sector, are not standalone models like GPT-4 but extensions connected in real time to wallets, bots, or dApps.

Their mission? To make automated decisions and execute on-chain actions. All based on the Model Context Protocol (MCP). However, this flexibility is also its weakness. MCP acts as the brain of these agents, deciding which tools to use and how to respond. According to SlowMist, this architecture opens an "uncontrollable surface without strict sandboxing." Malicious plugins can hijack an agent, inject toxic data, or make it call trapped external functions.

Sequence diagram showing potential attack vectors and risk points. Source: SlowMist

Security expert Monster Z explains:

"Poisoning of agents and MCPs results from malicious information introduced during the interaction phase."

In short, even a well-trained agent can betray if it receives a toxic instruction at the wrong time. Worse: this threat surpasses classic AI model poisoning in severity.

A System That Can Self-Destruct from Within

The attacks are diverse, precise, and sneaky. SlowMist documents four main ones in its report. The MasterMCP project reproduces them to help developers understand the danger.

  1. Data poisoning uses plugins to make the agent perform absurd tasks or mislead the user.
  2. JSON injection allows bypassing security by calling malicious data locally.
  3. Function substitution replaces critical operations with obfuscated code.
  4. Inter-MCP calls encourage an agent to interact with unsecured servers to widen the vulnerability.

All these attacks start from unverified plugins. Yet in the crypto world, any plugin connected to a wallet is an entry point. Guy Itzhaki, CEO of Fhenix, summarizes:

"Opening your system to third-party plugins is opening a breach beyond your control."

Behind a simple AI assistant hides a risk of private key leaks, fund thefts, and order manipulation. And as Lisa Loud, director of Secret Foundation, points out: "Beta versions are the most common times to get hacked."

What to Do? Secure AI Before It Feasts on Our Cryptos

Against this threat, the reaction should not be panic but prevention. SlowMist recommends:

  • Verify each plugin.
  • Limit privileges.
  • Isolate environments.
  • Continuously analyze agent behaviors.

These measures must be native, integrated from the first line of code. Developers must also train their teams, raise user awareness, and document expected behaviors. It is not about stopping the use of AI, but about not skimping on security.

While AI agents threaten our cryptos, another worry grows among financial giants. BlackRock wonders: can bitcoin survive the quantum era? Because if AIs can fool a plugin, a quantum computer could decrypt our private keys. And then, no more blockchain, no more wallet: just data stolen silently. The crypto revolution will also have to survive the revolution of physics.

Maximize your Cointribune experience with our "Read to Earn" program! For every article you read, earn points and access exclusive rewards. Sign up now and start earning benefits.

Related News

August 18, 2025•Coin World

Crypto Market Revolutionized by ETFs AI and Tokenization Trends

Crypto markets undergo historic transformation through ETF approvals AI trading agents and real world asset tokenization driving institutional and retail adoption

Cryptocurrency
ETF
Blockchain
August 14, 2025•Tom Field

AI Agents Pose New Security Challenges for Defenders

Palo Alto Networks' Kevin Kin discusses the growing security risks posed by AI agents and the difficulty in distinguishing their behavior from users.

AI Security
Threat Detection
Zero Trust

About the Author

Dr. Lisa Kim

Dr. Lisa Kim

AI Ethics Researcher

Leading expert in AI ethics and responsible AI development with 13 years of research experience. Former member of Microsoft AI Ethics Committee, now provides consulting for multiple international AI governance organizations. Regularly contributes AI ethics articles to top-tier journals like Nature and Science.

Expertise

AI Ethics
Algorithmic Fairness
AI Governance
Responsible AI
Experience
13 years
Publications
95+
Credentials
2
LinkedInResearchGate

Agent Newsletter

Get Agentic Newsletter Today

Subscribe to our newsletter for the latest news and updates