This research investigates the security vulnerabilities of large language models (LLMs) used for translating natural language into SQL queries (Text-to-SQL), specifically focusing on the threat of backdoor attacks. The authors introduce ToxicSQL, a novel framework to create stealthy backdoors that can lead to the generation of malicious, yet executable, SQL queries through semantic and character-level triggers. Experiments demonstrate that even a small amount of poisoned data can result in high attack success rates, highlighting the significant security risks in relying on potentially compromised LLM-based Text-to-SQL models and underscoring the urgent need for robust defense mechanisms.