When AI Becomes the Suspect: Dissecting a Crypto Theft and Code‑Poisoning Case

A crypto firm lost hundreds of thousands of USDT to a wallet address hard‑coded in its source code, allegedly inserted by an employee who blamed AI. Investigators ruled out AI misconduct and pointed to human sabotage. In a separate case, a ChatGPT‑generated code snippet secretly exfiltrated private keys, underscoring the emerging security risks of AI‑assisted programming.

Java Backend Technology

Yesterday on Twitter a crypto company reported that tens of thousands of USDT were transferred to a wallet whose address was hard‑coded in source code submitted by an employee. The employee denied adding the line and claimed the AI was responsible; code review had missed it.

The security team led by Yu Xian concluded that, based on their experience, AI is unlikely to return keys or passwords, and the current investigation points to human sabotage rather than AI misbehavior.

Another case involved a programmer using ChatGPT to modify code, which introduced a poisoned snippet that, when executed, sent a private key in the request body to a phishing site.

The malicious code originated from a GitHub repository intended for AI training; it inadvertently embedded a backdoor that could be harvested by users, making it unclear whether the AI actively consumed the code or the attacker injected it.

In the AI era, while code generation is convenient, the security of AI‑generated code becomes a major concern; blaming AI may be an easy excuse, but the real danger lies in human misuse and the potential for AI‑assisted attacks.
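As an added example (not code from either incident or from anyone named above), here is a pre-merge check for the two patterns described: a wallet-address literal in added lines, and key material appearing in the same file as an outbound HTTP call. The page does not say which chain was involved, so the check covers EVM-style and TRON-style addresses; the identifier and call-name lists, the file name and the sample diff are constructed assumptions.

```python
import hashlib
import re

B58 = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz"
EVM_RE = re.compile(r"\b0x[0-9a-fA-F]{40}\b")
TRON_RE = re.compile(r"\bT[1-9A-HJ-NP-Za-km-z]{33}\b")
# Assumed identifier and call names; tune both lists to your own code base.
KEY_RE = re.compile(r"(?i)private_?key|mnemonic|seed_?phrase")
SEND_RE = re.compile(r"(?i)requests\.(post|put)|\bfetch\(|axios\.|httpclient|\.post\(")

def is_tron_address(s):
    """True if s Base58Check-decodes to 0x41 + 20 bytes with a valid checksum."""
    n = 0
    for ch in s:
        n = n * 58 + B58.index(ch)
    raw = n.to_bytes(25, "big")
    digest = hashlib.sha256(hashlib.sha256(raw[:21]).digest()).digest()
    return raw[0] == 0x41 and digest[:4] == raw[21:]

def scan_diff(diff_text, allowlist=()):
    """Return sorted (file, rule) findings for the lines a unified diff adds."""
    allowed = {a.lower() for a in allowlist}
    findings, seen, path = set(), {}, "<unknown>"
    for line in diff_text.splitlines():
        if line.startswith("+++ "):
            path = line[6:] if line.startswith("+++ b/") else line[4:]
        elif line.startswith("+"):
            added = line[1:]
            addrs = EVM_RE.findall(added)
            addrs += [t for t in TRON_RE.findall(added) if is_tron_address(t)]
            if any(a.lower() not in allowed for a in addrs):
                findings.add((path, "hardcoded-wallet-address"))
            # The key and the call may sit on different lines: track them per file.
            flags = seen.setdefault(path, set())
            flags.update(name for name, rx in (("key", KEY_RE), ("send", SEND_RE))
                         if rx.search(added))
            if len(flags) == 2:
                findings.add((path, "key-near-outbound-request"))
    return sorted(findings)

# Constructed sample diff (not taken from either incident).
SAMPLE_DIFF = """\
--- a/wallet/transfer.py
+++ b/wallet/transfer.py
@@ -10,0 +11,3 @@
+    dest = "0x1111111111222222222233333333334444444444"
+    body = {"private_key": key}
+    requests.post(API_URL, json=body)
"""

print(scan_diff(SAMPLE_DIFF))
```

Both rules are heuristics meant to force a human look at the flagged lines during review; known payout or contract addresses go in `allowlist`.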
