AI Agents Could Be Turned Into Botnets Through Hallucinations, Researchers Warn

DECRYPT ·

Researchers introduced “Adversarial HalluSquatting,” an attack that exploits AI-generated hallucinations. The technique tricks AI agents into trusting fake repositories or tools that contain malicious instructions. Tests against popular AI coding assistants showed the method could lead to remote code execution in controlled experiments. AI hallucinations may be more than incorrect answers—they could become a way for hackers to compromise computers, according to new research from Tel Aviv University, Technion, and Intuit. In the paper , “Beware of Agentic Botnets: Scalable Untargeted Promptware Attacks via Universal and Transferable Adversarial HalluSquatting,” researchers demonstrated a technique that exploits AI models when they generate fake links to software repositories and other online resources. “The growing adoption of agentic LLM applications has introduced a new threat previously named as promptware,” the researchers wrote. “While prior work has established that adversaries can exploit direct channels to LLM applications to apply promptware under weak threat models, many applications do not provide any direct channels that could be exploited for prompt injection beyond the Internet.”

DYAX Investor Sentiment

Bullish (Long) 46% · Bearish (Short) 54%

526 participants

Related News

원문 보기 — DECRYPT