As reported by The Hacker News, a new cybersecurity threat known as phantom squatting is emerging, where malicious actors are registering non-existent web addresses invented by large language models (LLMs) to conduct phishing attacks.Palo Alto Networks' Unit 42 has identified phantom squatting as a tactic where attackers purchase domains that LLMs hallucinate, meaning the AI models create web addresses that do not actually exist. This is concerning because users and developers often trust links generated by AI. When an AI invents a domain, the first entity to register it inherits the misplaced trust, enabling phishing without traditional methods like malicious ads. Unit 42's research involved querying AI models with questions about numerous brands, resulting in millions of generated links. While some were flagged as malicious, a significant number of invented domains were unregistered, presenting opportunities for attackers. The attack works because new domains lack a reputation, bypassing existing security filters until it's too late.Researchers found that different AI models often invent the same fake domains, making targets predictable. Two observed cases involved attackers registering hallucinated domains resembling a national postal service and a bank, subsequently using them to steal sensitive data and distribute malware. This trend mirrors slopsquatting, where attackers register non-existent software package names invented by AI coding tools. The implications are significant, as AI-generated output is increasingly treated as input, shrinking the reaction time for defenders in a landscape where brand impersonation phishing is a growing paid service.Source: The Hacker News
AI/ML
Attackers exploit AI-hallucinated web domains through ‘phantom squatting’

(Adobe Stock)
An In-Depth Guide to AI
Get essential knowledge and practical strategies to use AI to better your security program.
Get daily email updates
SC Media's daily must-read of the most current and pressing daily news
You can skip this ad in 5 seconds



