Top AI tools such as OpenClaw and Github Copilot can be hijacked to create new massive botnets


Your favorite AI service could be subverted to deploy code that turns your phone or PC into a botnet, according to researchers at Intuit, Technion, and Tel Aviv University.

The technique has been given the name HalluSquatting, a portmanteau of adversarial hallucination squatting, and is similar to typosquatting in that it relies on a mistake in order to distribute malicious code. While typosquatting might occur with the incorrect input of a website URL, HalluSquatting pivots on an LLM being unable to identify a resource or repository with 100% accuracy.

Read more…
Source:  TechRadar News


Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox


Related:

  • Cybertruck driver used ChatGPT to plan Las Vegas attack

    January 7, 2025

    Police found a six-page manifesto on Matthew Livelsberger’s phone and said he used ChatGPT to plan his New Year’s Day bombing at the Trump International Hotel in Las Vegas, Sheriff Kevin McMahill said at a news conference Tuesday. A few of the entries posted in the application included “How much Tannerite is equivalent to 1 pound ...

  • Top AI Trends from 2024 – A Look Back

    January 3, 2025

    2024 may go down as the year AI stopped being a technological novelty and became—more consequentially—a Fact of Life. Big names like Microsoft, Salesforce, and Intuit built AI into mainstream enterprise solutions; specialized AI apps and services sprung up for everything from copywriting to data analysis; and governments, think tanks, and regulators poured effort into ...

  • Nigeria, South Africa, Algeria top targets for cyber attacks in 2024

    January 1, 2025

    In the first half of 2024, Nigeria saw 2,721 incidents, with the telecom sector, computer services sector, Data processing and hosting companies, and even local beauty salons having a fair dose of the attacks respectively. At the time, experts attributed the rise in cyberattacks to digital transformation initiatives the country was carrying out such as adoption ...

  • Ukraine collects vast war data trove to train AI models

    December 20, 2024

    As the future of warfare pivots towards artificial intelligence, Ukraine is sitting on a valuable resource: millions of hours of footage from drones which can be used to train AI models to make decisions on the battlefield. AI has been deployed by both sides on the battlefield during Russia’s invasion of Ukraine to identify targets, scanning ...

  • Link Trap: GenAI Prompt Injection Attack

    December 17, 2024

    With the rise of generative AI, new security vulnerabilities are emerging. One such vulnerability is prompt injection, a method that malicious actors can exploit to manipulate AI systems. Typically, the impact of prompt injection attacks is closely tied to the permissions granted to the AI. However, the attack discussed in this article differs from commonly known ...

  • What is high bandwidth memory and why is the US trying to block China’s access to it?

    December 8, 2024

    The US government has imposed fresh export controls on the sale of high tech memory chips used in artificial intelligence (AI) applications to China. The rules apply to US-made high bandwidth memory (HBM) technology as well as foreign-produced ones. High bandwidth memory (HBM) are basically a stack of memory chips, small components that store data. They ...