CertiK-sjef advarer om at AI-agenter kan bli kryptos neste store sikkerhetskatastrofe.

The rapid rise of artificial intelligence agents is creating new opportunities across technology and finance, but according to the CEO of CertiK, it may also be laying the groundwork for one of the most serious cybersecurity threats the cryptocurrency industry has ever faced.

As AI agents become more advanced, companies are increasingly granting them access to sensitive systems such as emails, databases, cloud storage, financial platforms, and cryptocurrency wallets. While this automation improves efficiency, it also introduces new attack surfaces that cybercriminals are already learning to exploit.

One of the most dangerous emerging threats is known as prompt injection. Unlike traditional hacking methods that rely on malware or code exploits, prompt injection attacks manipulate how AI systems interpret information and instructions.

In a typical attack, malicious instructions are hidden inside seemingly harmless content such as PDFs, emails, websites, or documents. When an AI agent processes this content as part of its task, it may unknowingly treat the hidden instructions as valid commands and execute them.

This can lead to serious consequences. A compromised AI agent could leak sensitive data, expose credentials, approve unauthorized transactions, or interact with cryptocurrency wallets in unintended ways. In some cases, this could result in direct financial losses.

What makes these attacks especially dangerous is that traditional cybersecurity tools often fail to detect them. Antivirus software and malware scanners are designed to identify malicious code, but prompt injection attacks often rely only on text manipulation. This allows them to bypass many existing security systems.

CertiK researchers report that they have already identified hundreds of malicious plugins, fake installers, and compromised dependencies designed specifically to target AI-powered systems. Many of these tools appear legitimate but are built to manipulate AI behavior once integrated into workflows.

The cryptocurrency industry is particularly exposed to these risks. AI agents are now being used in trading systems, DeFi platforms, portfolio management tools, and blockchain analytics. As these agents gain permission to execute financial actions, the potential impact of any successful attack increases significantly.

Another growing concern is the rise of short-lived scams designed specifically to target automated systems rather than human users. Some attackers create temporary traps that exist only for minutes or hours, long enough to deceive AI trading bots or automated agents before disappearing.

This marks a shift in cybercrime strategy. Instead of focusing only on human users through phishing or social engineering, attackers are increasingly targeting machine-based decision systems that operate much faster and without human judgment.

Security experts warn that AI agents can process information and execute actions almost instantly. While this speed improves performance, it also increases risk. A human user might recognize suspicious instructions before approving a transaction, but an AI agent may act immediately if no safeguards exist.

To counter these risks, CertiK is urging the adoption of a Zero Trust security model for AI systems. In this approach, no tool, plugin, or instruction is trusted by default. Every request must be verified and continuously monitored, regardless of its source.

The Zero Trust model has already become common in enterprise cybersecurity, but experts believe it will be essential in environments where AI systems interact directly with sensitive data and financial assets.

Supporters of AI argue that these risks are part of early technological development and will improve as the industry matures. They point out that many transformative technologies initially introduced new security challenges before proper safeguards were developed.

However, critics warn that AI adoption is advancing faster than security frameworks can keep up. Many companies are deploying autonomous agents without fully understanding how they can be manipulated or abused.

For the crypto industry, where digital assets move instantly and irreversibly, the risks are especially high. Even a small vulnerability in widely used AI systems could lead to large-scale financial damage.

The CertiK warning highlights a broader shift in cybersecurity. As automation becomes more powerful, threats are moving beyond traditional malware toward manipulation of intelligence systems themselves. In some cases, a carefully crafted piece of text may be enough to trigger unintended financial actions.

Whether AI agents become revolutionary tools or major security liabilities will depend on how quickly the industry adapts. For now, experts strongly recommend caution and emphasize that trust must always be verified. - even when dealing with artificial intelligence.