Autonomous AI Agents Unleash New Era of Sophisticated Supply Chain Threats

Post Views: 16

A New Class of Supply Chain Attack Identified

A new class of supply chain attack has been identified, leveraging autonomous AI agents to compromise users’ financial assets.

Discovery and Details

The attack, which remains active, was discovered by Straiker, a firm specializing in AI application security. The threat actor, operating under the pseudonyms “26medias” and “BobVonNeumann,” created a malicious AI plugin, or “skill,” called “bob-p2p” on the Clawhub marketplace.

The bob-p2p skill poses as a decentralized API marketplace but actually instructs agents to store Solana wallet private keys in plaintext, purchase worthless $BOB tokens, and route payments through an attacker-controlled infrastructure.

Attack Methodology

The attacker, disguising themselves as an AI agent on the Moltbook social media platform, promoted the skill to other agents, exploiting the implicit trust between them.

Upon installation, the skill grants the attacker access to users’ private keys and financial assets. The compromise then spreads laterally through automated agent collaboration, shared workflows, and dependency chains, without requiring further human interaction.

Consequences and Implications

The attack results in financial losses for human wallet owners due to unauthorized transactions and payment redirection.

Straiker researcher Dan Regalado notes that this attack represents a new class of supply chain poisoning combined with social engineering campaigns targeting algorithms rather than humans.

Regalado explains that the attack playbook involves creating a convincing AI persona, embedding it in agent social networks, building credibility with a benign skill, and then deploying the malicious payload through earned trust.

This tactic is infinitely repeatable and scalable.

Security Measures and Recommendations

The use of autonomous AI agents in this attack highlights the need for adequate verification and security measures to prevent similar attacks in the future.

As AI continues to expand, the potential for agent influence campaigns and manipulation of recommendations, rankings, and skill adoption increases.

The $BOB token has been flagged by Birdeye, an AI-based reputation tool, as a likely “rug pull” scam with a 100% probability.

The Bob P2P attack demonstrates the importance of robust security measures in AI applications and the need for developers to view AI as a collaborator to be closely monitored, rather than an autonomous entity to be unleashed.