Guavy AI Editorial TeamSentiment: -4Clout: 82

AI Wallets Vulnerable to 'Polite Heists' as Attackers Use Clever Tricks

Recently, an attacker drained $170,000 from a Grok-connected crypto wallet in under a minute without hacking any code. The attack was possible because the AI wallet was convinced to move funds by a message in Morse code.

The attacker sent a membership NFT to the wallet and then typed the message, which the AI decoded as an instruction to move funds. This incident is not an isolated case, as security researchers have documented several other incidents involving AI wallets being tricked into transferring large amounts of cryptocurrency.

CertiK researchers found that a popular open-source agent platform had over 280 security advisories and more than 100 documented vulnerabilities within weeks of its public launch. They also discovered malicious 'skills' that manipulate agent behavior through natural language, allowing attackers to slip past scanners built for traditional threats.

The law is still catching up with the rise of AI-powered wallets, as traditional agency law assumes a principal and an agent capable of bearing responsibility. California has passed a law that closes the escape hatch of using autonomous operation as a defense in cases where AI-caused harm occurs.