Industry
2 hours ago

Researchers Uncover Stealth Attack That Forces LLM Agents to Use 658x More Resources

Victoria Bazir Victoria Bazir

A new academic study reveals how AI agents can be secretly tricked into burning through massive computing resources while still giving you the right answers. It exposes a critical blind spot in how these systems interact with external tools.

⬤ A team of researchers from Nanyang Technological University, the University of Illinois Urbana-Champaign, the Hong Kong University of Science and Technology, and Shanghai Jiao Tong University just uncovered a sneaky new way to attack AI agents. Their study shows these agents can be quietly pushed into using absurd amounts of computing power without anyone noticing—because the answers they give still look completely normal. The research paper, called Beyond Max Tokens: Stealthy Resource Amplification via Tool Calling Chains in LLM Agents, zeros in on a weak spot that most people aren't even watching: the connection between agents and the tools they use.

⬤ Here's how the attack works. Instead of messing with prompts or trying to corrupt the output, attackers set up what looks like a totally harmless tool server—one that even follows standard protocols like MCP. But hidden inside the responses this server sends back are secret instructions. These instructions trick the agent into calling the same tool over and over, sometimes with unnecessarily long arguments or drawn-out back-and-forth exchanges. Each individual call seems legit, but together they create a resource-draining loop. The kicker? The final answer the user sees is still correct, so traditional security checks completely miss it.

⬤ The numbers from their experiments are alarming. Tasks that would normally use a reasonable amount of tokens suddenly ballooned to over 60,000 tokens. GPU cache usage shot up from under 1% to as high as 74%. Systems running other workloads at the same time saw their performance cut roughly in half. Overall, the attack multiplied resource consumption by up to 658 times compared to normal operation. And because everything looked fine on the surface—no weird outputs, no suspicious prompts—existing safeguards didn't catch a thing.

⬤ This matters a lot as AI agents with tool access become more common in real-world applications. The research makes it clear that just checking whether an agent gives the right answer isn't enough anymore. Hidden resource bloat like this can quietly drive up costs and choke system capacity at scale. The study points to the agent-tool interaction layer as a major new security gap that's been largely ignored until now. Moving forward, defenses will need to go deeper—monitoring what agents are actually doing behind the scenes, not just what they're saying up front.

News Source
#AI #LLM #AI Agents
Victoria Bazir Victoria Bazir E-mail

Victoria Bazir - content writer at Aigazine.com, combining linguistic precision with a passion for technology, AI, and analytical storytelling.

AI models
19 Jan 2026, 13:01 PM
China Launches AgentScope: Open-Source Framework for Building Multi-Agent AI Systems
China just dropped AgentScope, a Python-based open-source framework that makes it easier to build AI applications where multiple agents work together, complete with memory, tools, and reasoning built right in.
AI models
19 Jan 2026, 12:01 PM
Microsoft Releases VibeVoice: Open-Source AI Speech Model with 300ms Response Time
Microsoft released VibeVoice, an open-source real-time speech generation system that delivers conversational audio with just 300 milliseconds of latency, supports up to 90 minutes of continuous output, and handles four different speakers in a single session.
Industry
19 Jan 2026, 12:01 PM
Researchers Uncover Stealth Attack That Forces LLM Agents to Use 658x More Resources
A new academic study reveals how AI agents can be secretly tricked into burning through massive computing resources while still giving you the right answers. It exposes a critical blind spot in how these systems interact with external tools.
Posts feed
China Launches AgentScope: Open-Source Framework for Building Multi-Agent AI Systems
1 hour ago
Microsoft Releases VibeVoice: Open-Source AI Speech Model with 300ms Response Time
2 hours ago
Researchers Uncover Stealth Attack That Forces LLM Agents to Use 658x More Resources
2 hours ago
XPeng Unveils Iron Humanoid Robot as 2025 Mass Production Kicks Off
2 hours ago
DeepSeek Captures 89% Market Share in China as Regional Barriers Shape Global AI Adoption
3 hours ago
OpenAI Revenue Hits $20B as Compute Capacity Reaches 1.9 GW in 2025
3 hours ago
AI Model Growth Hits 10x Memory Speed Gap
4 hours ago
AI Investment Surges While Corporate Profits Outpace Wages by 2.7x Since 1970s
5 hours ago
How AI Models Learn to Detect and Fix 15+ Security Vulnerabilitie in Codes
5 hours ago
Coordinated AI System Beats GPT-5 by 37.1% Using 70% Less Compute
6 hours ago
Follow us on Twitter

Disclaimer: Aigazine provides content for informational and educational purposes only. We do not offer financial, investment, or legal advice. Any decisions made based on the information published on this website are solely at the reader’s own discretion and risk. We encourage all readers to conduct their own research and seek professional guidance when necessary.

Aigazine is a news platform focused on artificial intelligence, covering global AI trends, technology, and innovation. Aigazine is based in Tbilisi (0179, Georgia, Tbilisi City, Vake District, 49 Besarion Zhghenti Street, VAT 305786600).

© 2025 aigazine.com

We use cookies to improve your experience on our site and to show you relevant advertising. To find our more, read our privacy policy and cookie policy