律动BlockBeats|Apr 10, 2026 06:15
Solayer founder reveals major security risks in LLM supply chain: over 20% of free routes exposed to malicious injection
BlockBeats News: On April 10th, Solayer founder @ Fried_rice posted on social media that Large Language Model (LLM) proxies are increasingly relying on third-party API routers to dispatch tool call requests to multiple upstream providers. These routers run as application layer proxies and are able to access JSON payloads in plaintext for each transmission, but currently no provider enforces encryption integrity protection between the client and upstream models.
This paper tested 28 paid routers purchased from independent websites such as Taobao, Xianyu, and Shopify, as well as 400 free routers collected from public communities. The results showed that 1 paid router and 8 free routers were actively injecting malicious code, 2 deployed adaptive evasion triggers, 17 touched AWS Canary credentials owned by researchers, and 1 stole ETH from a private key held by researchers.
Two poisoning studies further indicate that seemingly harmless routers can also be exploited: a leaked OpenAI key was used to generate 100 million GPT-5.4 tokens and over 7 Codex sessions; The weaker configured decoy generated 2 billion billing tokens, 99 credentials spanning 440 Codex sessions, and 401 sessions already running in autonomous YOLO mode.
The research team has developed a research agent called Mine, which can carry out all four types of attacks on four public proxy frameworks, and verified three client defense measures: fault locking strategy gate control, response side anomaly screening, and only adding transparent log records.
Share To
Timeline
HotFlash
APP
X
Telegram
CopyLink