AI-Hallucinated Domains Enable New Cyberattacks via Phantom Squatting

Thumbnail Image

The information displayed in the AIM should not be reported as representing the official views of the OECD or of its member countries.

Researchers from Palo Alto Networks' Unit 42 discovered that attackers are exploiting large language models (LLMs) that hallucinate fake web domains by registering these nonexistent domains—a tactic called "phantom squatting." This enables phishing, malware distribution, and software supply chain attacks, resulting in credential theft and other harms across multiple sectors.[AI generated]

Why's our monitor labelling this an incident or hazard?

The article explicitly involves AI systems (LLMs) whose hallucinated outputs (fake domains) are exploited by attackers to cause phishing and supply chain compromise, leading to realized harm such as credential theft and malicious activity. The AI system's use and malfunction (hallucination) directly contribute to the harm. The harm is materialized, not just potential, as phishing kits have been built and used. Therefore, this event meets the criteria for an AI Incident rather than a hazard or complementary information.[AI generated]
AI principles
Robustness & digital securitySafety

Industries
Digital securityIT infrastructure and hosting

Affected stakeholders
ConsumersBusiness

Harm types
Economic/PropertyHuman or fundamental rights

Severity
AI incident

AI system task:
Content generation


Articles about this incident or hazard