Top AI tools such as OpenClaw and Github Copilot can be hijacked to create new massive botnets


Your favorite AI service could be subverted to deploy code that turns your phone or PC into a botnet, according to researchers at Intuit, Technion, and Tel Aviv University.

The technique has been given the name HalluSquatting, a portmanteau of adversarial hallucination squatting, and is similar to typosquatting in that it relies on a mistake in order to distribute malicious code. While typosquatting might occur with the incorrect input of a website URL, HalluSquatting pivots on an LLM being unable to identify a resource or repository with 100% accuracy.

Read more…
Source:  TechRadar News


Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox


Related:

  • Senior US Officials Impersonated in Malicious Messaging Campaign

    May 15, 2025

    FBI is issuing this announcement to warn and provide mitigation tips to the public about an ongoing malicious text and voice messaging campaign. Since April 2025, malicious actors have impersonated senior US officials to target individuals, many of whom are current or former senior US federal or state government officials and their contacts. If you receive ...

  • AI Agents are here. So are the threats.

    May 1, 2025

    Agentic applications are programs that leverage AI agents — software designed to autonomously collect data and take actions toward specific objectives — to drive their functionality. As AI agents are becoming more widely adopted in real-world applications, understanding their security implications is critical. This article investigates ways attackers can target agentic applications, presenting nine concrete attack ...

  • Hi, robot: Half of all internet traffic now automated

    April 16, 2025

    Traffic from “bad bots”—those created with malicious intent—first surpassed good bot traffic in 2016, Imperva’s research said, and it’s been getting worse. Bad bots comprised 37% of internet traffic in 2024, up from 32% the year prior. Good bots accounted for just 14% of the internet’s traffic. Bad bots do all kinds of unpleasant things. An ...

  • How ToddyCat tried to hide behind AV software

    April 7, 2025

    To hide their activity in infected systems, APT groups resort to various techniques to bypass defenses. Most of these techniques are well known and detectable by both EPP solutions and EDR threat-monitoring and response tools. In early 2024, while investigating ToddyCat-related incidents, Kaspersky researchers detected a suspicious file named version.dll in the temp directory on multiple ...

  • TookPS: DeepSeek isn’t the only game in town

    April 2, 2025

    In early March, we published a study detailing several malicious campaigns that exploited the popular DeepSeek LLM as a lure. Subsequent telemetry analysis indicated that the TookPS downloader, a malware strain detailed in the article, was not limited to mimicking neural networks. Kaspersky researchers identified fraudulent websites mimic official sources for remote desktop and 3D modeling ...

  • Brussels unveils highly-anticipated strategy on defence but fails to outline new funding options

    March 19, 2025

    The White Paper, released on Wednesday, broadly rehashes the Commission’s ReArm Europe proposal unveiled two weeks ago that could see member states mobilise up to €800 billion for defence over the next four years by notably, pooling orders and procuring equipment together. Capabilities the Commission has identified as priority areas include air and missile defence, artillery ...