Skip to main content

Hackers Hijacking AI Agents Through Vulnerable Relay Stations

The Silent Threat in AI Communications

Security researcher Chaofan, previously known for exposing Claude's source code, has unveiled a critical vulnerability affecting AI agents worldwide. The groundbreaking paper "Your Agent Is Mine" reveals how third-party language model routers - commonly called "relay stations" - have become the weakest link in AI security.

Image

How Attackers Exploit Relay Stations

Modern AI systems increasingly depend on these routing services to process requests. The danger? These intermediaries have complete access to all communications in plain text - including sensitive tool parameters, API keys, and even cryptocurrency credentials.

Chaofan's team identified two primary attack methods:

1. Payload Injection (AC-1): After the AI model responds, attackers can secretly alter tool instructions. Imagine asking your AI assistant to book a flight, only to have the request redirected to a hacker's server. This technique enables everything from simple data theft to full system takeovers.

2. Secret Theft (AC-2): Some routers passively scan traffic for valuable information. Your API keys, cloud service credentials, or crypto wallets could be copied without any visible signs of a breach.

What makes these attacks particularly dangerous is their conditional triggering. Hackers can program them to activate only after certain thresholds (like 50 requests) or when detecting specific commands like "YOLO" mode.

The Shocking Test Results

The research team examined 28 commercial routers and 400 free services with alarming findings:

  • 9 routers actively injected malicious code
  • 1 attack drained a test wallet of $5 million in Ethereum
  • Over 2.1 billion token requests were processed through vulnerable systems
  • 401 AI agent sessions operated with completely compromised security

"These aren't theoretical risks," Chaofan noted. "We're seeing active exploitation in the wild."

Why This Vulnerability Matters

Most AI security efforts focus on protecting models from prompt injections or managing tool permissions. Few consider the routing layer - yet it's where all communications must pass. When compromised, even the most secure AI systems become vulnerable.

The problem grows worse with unregulated free and low-cost relay services. Without proper oversight, these become ideal platforms for attackers to operate undetected.

Protecting Your AI Systems

For developers and companies using AI agents, the researchers recommend:

  • Direct connections: Use official API endpoints whenever possible
  • Encrypt everything: Implement end-to-end encryption and request signatures
  • Monitor closely: Watch for unusual tool behavior and rotate API keys regularly
  • Sandbox routers: Isolate any relay services you must use

As AI adoption accelerates, this discovery serves as a wake-up call. The very infrastructure enabling AI communication may be its greatest vulnerability.

Key Points

  • Third-party AI routers expose critical security vulnerabilities
  • Attackers can inject malicious code or steal sensitive data undetected
  • Testing revealed active attacks including a $5 million crypto theft
  • Free and low-cost relay services pose particular risks
  • Developers should prioritize direct connections and enhanced security measures

Enjoyed this article?

Subscribe to our newsletter for the latest AI news, product reviews, and project recommendations delivered to your inbox weekly.

Weekly digestFree foreverUnsubscribe anytime

Related Articles

News

Ant Group Dominates AI Detection Challenge with Breakthrough Tech

Ant Group has taken top honors at CVPR 2026's prestigious computer vision competition, showcasing groundbreaking advancements in detecting AI-generated content. Their innovative approach combines visual foundation models with practical security applications, offering real-world solutions against deepfakes. The win underscores Ant's transition from payment security to AI safety leadership.

April 10, 2026
AI securitycomputer visiondeepfake detection
Claude's New Advisor Tool: Smart AI Help Without the Hefty Price Tag
News

Claude's New Advisor Tool: Smart AI Help Without the Hefty Price Tag

Anthropic has introduced a clever new feature for its Claude AI platform that combines efficiency with intelligence. The Advisor Tool lets faster, more affordable models handle routine tasks while automatically consulting the more powerful Claude Opus for tough decisions. Think of it like having a quick junior assistant who can discreetly tap a senior expert when needed. Early tests show significant performance boosts with surprising cost savings - in some cases doubling capabilities while keeping expenses low.

April 10, 2026
AI innovationClaude AIcost optimization
Alibaba's HappyHorse AI Model Gallops to Global Video Generation Lead
News

Alibaba's HappyHorse AI Model Gallops to Global Video Generation Lead

Alibaba's under-the-radar HappyHorse model has sprinted past competitors to claim the top spot in global AI video generation rankings. Scoring an impressive 1333 Elo points, this breakthrough from Alibaba's Taotian Group lab signals a new era for high-quality AI-generated content. As tech giants race to develop smarter AI agents, HappyHorse's emergence comes at a crucial moment - just weeks before Alibaba's financial results are expected to highlight growing AI revenues.

April 10, 2026
AI video generationAlibabaHappyHorse
News

ZTE's AI Security Push Pays Off as Computing Revenue Soars

ZTE has made waves with its new Co-Claw AI system, designed to tackle security concerns in enterprise AI applications. The telecom giant's computing power business is reaping the benefits, with revenue skyrocketing 150% last year. This strategic pivot comes as traditional telecom growth slows, with AI now accounting for nearly a quarter of ZTE's total revenue.

April 10, 2026
AI securitytelecom innovationcomputing power
Zhiyuan Robotics' GO-2 Model Gives Robots Human-Like Planning Skills
News

Zhiyuan Robotics' GO-2 Model Gives Robots Human-Like Planning Skills

Zhiyuan Robotics has unveiled its groundbreaking GO-2 model, bringing robots closer than ever to human-like thinking. Unlike traditional systems that operate blindly, GO-2 plans actions step-by-step before moving - just like a basketball player visualizing a shot. The model smashed performance records with a 98.5% success rate, even in challenging conditions. More than just lab tech, GO-2 is already being deployed through Zhiyuan's development platform, marking a significant leap toward practical robot applications.

April 9, 2026
roboticsAImachine learning
Tencent Cloud's QClaw V2 Unleashes Teamwork for AI Assistants
News

Tencent Cloud's QClaw V2 Unleashes Teamwork for AI Assistants

Tencent Cloud has rolled out QClaw V2, transforming how AI assistants work together. The new version lets multiple AI agents collaborate simultaneously, solving complex tasks more effectively. It also introduces seamless integration with popular office tools and beefs up security with its innovative 'Lobster Guardian' system. These upgrades promise to make digital teamwork smarter and safer for users.

April 9, 2026
AI collaborationTencent Clouddigital workplace

Popular Articles

1

TSMC Reports Record Revenue, AI Growth Fuels Optimism for 2025

News2

DeepSeek V3 Surpasses Claude 3.5 in AI Performance Tests

News3

Anthropic Enhances Claude AI for Financial Analysts

News4

Anthropic's Cowork: An AI Assistant Built by AI in Just 10 Days

News5

ChatGPT Introduces Instant Purchase Feature

News