Close Menu
binanceplan.blog
    What's Hot

    Inside the Prediction Markets: Kalshi Expands Perpetuals as World Cup Trading Hits New Highs

    July 11, 2026

    Circle Becomes “First Stablecoin Issuer” to Win US National Trust Bank Approval

    July 11, 2026

    Coming soon: bringing Kraken to life

    July 11, 2026
    Facebook X (Twitter) Instagram
    binanceplan.blog
    • Home
    • Binance
    • Cryptocurrency
      • Altcoin
      • Litecoin
      • Bitcoin
    • Crowdfunding
    • Crypto Mining
    • Ethereum
    • Fintech
    • Forex
      • Mompreneur
      • Venture Capital
    binanceplan.blog
    Home»Cryptocurrency»Mass deployment of AI agents is a disaster waiting to happen, says CertiK CEO
    Cryptocurrency

    Mass deployment of AI agents is a disaster waiting to happen, says CertiK CEO

    币安计划官方By 币安计划官方May 29, 2026No Comments4 Mins Read
    Facebook Twitter Pinterest LinkedIn Tumblr Email
    Mass deployment of AI agents is a disaster waiting to happen, says CertiK CEO
    Share
    Facebook Twitter LinkedIn Pinterest Email



    The global rush to deploy autonomous AI agents across the internet, enterprise networks and consumer applications is creating a catastrophic security debt, according to the chief of blockchain security auditor Certik.

    While corporations ambitiously market these tools as productivity miracles, the crude reality is that it can be a very, very risky thing to do. Unisolated, unvetted AI agents are a massive security disaster waiting to happen, Ronghui Gu, the co-founder and CEO of CertiK, told CoinDesk.

    Gu warned that users are potentially exposing their most sensitive files, local credentials and money accounts to autonomous systems that can be easily manipulated, hijacked and openly scammed.

    “Right now, agents are no longer just answering questions in a chat window,” Gu told CoinDesk on the heels of CertiK’s landmark deep-dive report into widespread agent infrastructure. “They are beginning to call external tools, read local files, trigger workflows, and interact with financial infrastructure. But if you do not isolate the execution environment and scan these tools first, you are handing a compromised identity broad internal access to your entire network.”

    The fundamental flaw in the current AI agent boom is a mistaken trust model, according to Gu.

    Charles Hoskinson, founder and CEO of Cardano’s Input Output, said that by 2035 they will become more relevant than humans on the internet. Coinbase CEO Brian Armstrong, recently said “very soon there are going to be more AI agents than humans making transactions” and Binance Founder Changpeng Zhao, predicted they “will make one million times more payments than humans.”

    Ultimate inside threat

    Gu said many popular, open-source AI applications are built under the assumption that because they run locally on a user’s computer or connect via standard chat apps like WhatsApp, they are safe from external threats.

    The reality is entirely the opposite, he noted. The moment a user grants an AI agent permission to read local system storage, view execution histories or manage personal email and business database credentials, that agent becomes the ultimate inside threat.

    CertiK’s recent analysis of early-state, rapidly growing agent structures uncovered a staggering accumulation of security vulnerabilities, including hundreds of critical security advisories, unpatched common vulnerabilities and exposures (CVEs) and other massive exposures of local credentials and session memories resulting from completely inconsistent boundary checks.

    More alarming yet is how easily these autonomous systems can be completely redirected at the reasoning layer without a single line of malicious code ever being written, Gu emphasized.

    Through basic “prompt injection” attacks, a bad actor can embed hidden natural language instructions inside a benign webpage, a PDF document, or an incoming email, he added.

    When the unisolated AI agent reads that file to process a task for the user, it fails to separate trusted system commands from the untrusted external data, Gu explained. The agent then silently overwrites its original rules, obeys the malicious instruction, and can be forced to exfiltrate data or trigger unauthorized fund transfers.

    Hyperfast exploits

    Gu revealed that CertiK discovered hundreds of malicious skills, fake installers, and lookalike dependency packages sitting directly on open agent utility hubs. Because these malicious plug-ins use standard natural language to subtly influence the agent’s behavior and change its goals, they completely bypass legacy, signature-based antivirus software.

    “The scam apps use natural language to influence behavior, making them totally resistant to traditional antivirus scans,” Gu explained. “And right now, it is even easier to scam the machine than it is to scam a human.”

    In what Gu describes as a bizarre evolution of financial crime, CertiK’s telemetry has observed an explosion of onchain, automated scams that run for only 10 minutes or a few hours before completely vanishing.

    These hyperfast, ephemeral exploits are specifically designed by hackers to target and scam other autonomous AI trading bots and automated agent systems, executing machine-on-machine financial drainage before any human even realizes a compromise has occurred.

    Gu states that the software engineering industry must completely abandon its reliance on trust-based interactions and move immediately toward an isolated, “Zero Trust” architecture where every command and dependency is continuously verified.



    Source link

    Share. Facebook Twitter Pinterest LinkedIn Tumblr Email

    Related Posts

    Circle Becomes “First Stablecoin Issuer” to Win US National Trust Bank Approval

    July 11, 2026

    Why Bitfinex Is Warning Investors About the Yen Carry Trade

    July 11, 2026

    Ethereum Foundation AI Agent Research Shows Where Smart Contracts May Be Heading Next

    July 10, 2026

    OKX, MetaMask, Matter Labs back dispute resolution court for AI agents

    July 10, 2026
    Add A Comment
    Leave A Reply Cancel Reply

    TOP POSTS

    Inside the Prediction Markets: Kalshi Expands Perpetuals as World Cup Trading Hits New Highs

    July 11, 2026

    Circle Becomes “First Stablecoin Issuer” to Win US National Trust Bank Approval

    July 11, 2026

    Coming soon: bringing Kraken to life

    July 11, 2026

    S&P Global Outlines Rating Framework for Tokenised Money Market Funds

    July 11, 2026

    Subscribe to Updates

    Get the latest creative news from Binanceplan about Altcoin, Binance and Bitcoin.

    Please enable JavaScript in your browser to complete this form.
    Loading

    Welcome to BinancePlan.blog — your trusted source for learning, strategies, and insights in the world of cryptocurrency, with a strong focus on Binance and digital asset growth.At BinancePlan, our mission is simple: to make crypto easy, understandable, and profitable for everyone — whether you’re a complete beginner or an experienced trader.

    Top Insights

    Inside the Prediction Markets: Kalshi Expands Perpetuals as World Cup Trading Hits New Highs

    July 11, 2026

    Circle Becomes “First Stablecoin Issuer” to Win US National Trust Bank Approval

    July 11, 2026

    Coming soon: bringing Kraken to life

    July 11, 2026
    Get Informed

    Subscribe to Updates

    Get the latest creative news from Binanceplan about Altcoin, Binance and Bitcoin.

    Please enable JavaScript in your browser to complete this form.
    Loading
    • About Us
    • Contact Us
    • Disclaimer
    • Privacy Policy
    • Terms and Conditions
    Copyright© 2026 Binanceplan All Rights Reserved.

    Type above and press Enter to search. Press Esc to cancel.