Top AI tools such as OpenClaw and Github Copilot can be hijacked to create new massive botnets


Your favorite AI service could be subverted to deploy code that turns your phone or PC into a botnet, according to researchers at Intuit, Technion, and Tel Aviv University.

The technique has been given the name HalluSquatting, a portmanteau of adversarial hallucination squatting, and is similar to typosquatting in that it relies on a mistake in order to distribute malicious code. While typosquatting might occur with the incorrect input of a website URL, HalluSquatting pivots on an LLM being unable to identify a resource or repository with 100% accuracy.

Read more…
Source:  TechRadar News


Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox


Related:

  • WormGPT, PoisonGPT: How generative AI can become a tool for criminals

    July 15, 2023

    A cybersecurity firm discovered a new generative artificial intelligence tool called WormGPT that is being sold to criminals. Another firm created a malicious generative AI tool called PoisonGPT to test how the technology can be used to intentionally spread fake news online. These tools are the latest examples of how generative AI can be used by ...

  • ChatGPT Shared Links and Information Protection: Risks and Measures Organizations Must Understand

    July 5, 2023

    Since its initial release in late 2022, the AI-powered text generation tool known as ChatGPT has been experiencing rapid adoption rates from both organizations and individual users. However, its latest feature, known as Shared Links, comes with the potential risk of unintentional disclosure of confidential information. In this article, Trend Micro researchers will examine these risks ...

  • Virtual kidnapping: How AI voice cloning tools and Chat GPT are being used to aid cybercrime and extortion scams

    June 28, 2023

    New technologies, such as artificial intelligence (AI) and machine learning (ML), are typically developed to boost productivity, increase efficiency, and make our lives easier. Unfortunately, cybercriminals have also found ways to exploit them for ill gain. Recently, malicious actors have abused AI technology to accurately impersonate real people as part of their attacks and scams. Cases ...

  • Securing the AI Pipeline

    June 27, 2023

    Artificial intelligence (AI) is a hot topic these days, and for good reason. AI is a powerful tool. In fact, Mandiant analysts and responders are already using Bard in their workflows to identify threats faster, eliminate toil, and better scale talent and expertise. Organizations are keen to understand how best to integrate it into their ...

  • Why endpoint management is key to securing an AI-powered future

    June 26, 2023

    The chief information security officer (CISO) agenda has a new set of priorities. Hybrid work and the resultant architecture updates, so prevalent at the beginning of the pandemic, are no longer top of mind. Instead, the thinking is focused on tackling ever more sophisticated threats and integrating Zero Trust in a more nuanced fashion through ...

  • AI And Cybercrime Unleash A New Era Of Menacing Threats

    June 23, 2023

    Artificial intelligence (AI) is catching a lot of headlines recently. It doesn’t matter whether you’ve been paying attention to these headlines or not—chances are you’ve heard about the recent developments in the world of AI and the extraordinary feats these projects are accomplishing. Large language models (LLMs) like OpenAI’s ChatGPT, Microsoft’s Bing Chat and Google’s Bard ...