Prompt Injection Attacks Trick AI Agents Into Making Crypto Payments
Summary
Threat actors are using prompt injection attacks (tricking an AI by hiding instructions in its input) embedded in malicious websites and search results to trick AI agents into making cryptocurrency payments or trusting fake platforms. Researchers at Zscaler found two campaigns: one hiding payment instructions in a fake Python library website using SEO poisoning (manipulating search rankings with keyword-stuffed content), and another impersonating DeBank, a cryptocurrency platform. When tested on 26 different language models, four were successfully tricked into making payments, while two misidentified the fraudulent website as legitimate.
Classification
Affected Vendors
Related Issues
Original source: https://www.securityweek.com/prompt-injection-attacks-trick-ai-agents-into-making-crypto-payments/
First tracked: July 6, 2026 at 08:00 AM
Classified by LLM (prompt v3) · confidence: 92%