Phantom Squatting AI-Hallucinated Domains as a Software Supp...#2448

Open
carlospolop wants to merge 1 commit into master from update_Phantom_Squatting_AI-Hallucinated_Domains_as_a_S_ce33f30d02bc1501

@carlospolop

Collaborator

🤖 Automated Content Update

This PR was automatically generated by the HackTricks News Bot based on a technical blog post.

📝 Source Information

🎯 Content Summary

Unit 42 describes phantom squatting as an AI-driven software supply chain attack vector: LLMs can hallucinate plausible but nonexistent domains for real brands, and attackers can register those domains so that future AI-assisted users, developers, CI/CD helpers, or autonomous agents are routed to attacker-controlled infrastructure. The issue is not a CVE but a structural LLM failure mode: when a model is asked for portals, API endpoints, webhook URLs, documentation links, pay...

🔧 Technical Details

LLM hallucination probing for domain discovery: An attacker can query LLMs with realistic brand-specific prompts to enumerate domains the model invents but presents confidently. Effective prompts reference real business workflows such as payment gateways, admin dashboards, developer documentation, billing portals, benefits portals, webhook endpoints, app downloads, and API integrations. The technique maps a brand's hallucination surface by collecting generated URLs, deduplicating near-duplicate prompts with a metric such as Jaccard similarity, resolving URLs, and extracting candidate parent domains that can be registered or monitored.

Prioritizing exploitable phantom domains: The most valuable hallucinated domains are those with Thermal Hallucination Persistence, meaning the same domain appears across different temperature settings and even at low temperature such as T = 0.1, and cross-model hallucination ...

🤖 Agent Actions

Plan re-initialized and I continued the run.

Status now:

  • Target file still looks correct for HackTricks style: src/AI/AI-Risk-Frameworks.md
  • Inserted phantom-squatting section is still concise, technical, and non-duplicative
  • References remain correctly placed in the final ## References section
  • The run remains open and I am not finalizing yet

This PR was automatically created by the HackTricks Feed Bot. Please review the changes carefully before merging.
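
A brand-protection view of the workflow in the Technical Details above, as an added example that is not part of the PR, HackTricks or the Unit 42 post: it deduplicates prompts with Jaccard similarity, reduces model-suggested URLs to parent domains, and lists the unverified ones that persist across temperatures so they can be monitored. The word-level tokenization, the 0.8 threshold, the persistence rule (two or more temperatures, one at or below 0.1), `OFFICIAL_DOMAINS` and all sample URLs are assumptions made for illustration.

```python
from collections import defaultdict
from urllib.parse import urlsplit

# Assumption: domains the brand really operates (constructed placeholder).
OFFICIAL_DOMAINS = {"example.com"}

def jaccard(a, b):
    """Jaccard similarity of two prompts over lowercase word sets."""
    sa, sb = set(a.lower().split()), set(b.lower().split())
    return len(sa & sb) / len(sa | sb) if (sa | sb) else 1.0

def dedupe_prompts(prompts, threshold=0.8):
    """Keep a prompt only if it is not a near-duplicate of one already kept."""
    kept = []
    for p in prompts:
        if all(jaccard(p, k) < threshold for k in kept):
            kept.append(p)
    return kept

def parent_domain(url):
    """Naive parent domain (last two labels). Assumption: no multi-label
    suffixes such as co.uk; use a Public Suffix List parser for those."""
    host = (urlsplit(url).hostname or "").lower().rstrip(".")
    labels = host.split(".")
    return ".".join(labels[-2:]) if len(labels) >= 2 else host

def persistent_unverified(samples, low_temp=0.1):
    """samples: (temperature, url) pairs from model output.
    Returns {domain: temperatures} for non-official domains seen at two or
    more temperatures, including one at or below low_temp."""
    seen = defaultdict(set)
    for temp, url in samples:
        domain = parent_domain(url)
        if domain and domain not in OFFICIAL_DOMAINS:
            seen[domain].add(temp)
    return {d: sorted(t) for d, t in seen.items()
            if len(t) >= 2 and min(t) <= low_temp}

# Constructed sample output; .example is a reserved TLD, so none of these exist.
SAMPLES = [
    (0.1, "https://api.example-billing.example/v1/webhooks"),
    (0.7, "https://docs.example-billing.example/start"),
    (1.0, "https://example-billing.example/login"),
    (0.7, "https://portal.example-pay.example/"),
    (0.1, "https://developer.example.com/docs"),
    (1.0, "https://developer.example.com/docs"),
]

if __name__ == "__main__":
    print(persistent_unverified(SAMPLES))
```

The same `OFFICIAL_DOMAINS` check can gate URLs before a CI helper or agent follows them.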

@carlospolop

Collaborator Author

🔗 Additional Context

Original Blog Post: https://unit42.paloaltonetworks.com/phantom-squatting-hallucinated-web-domains

Content Categories: Based on the analysis, this content was categorized under "AI Security / Phishing Methodology / Supply Chain Attacks - Phantom Squatting and LLM-Hallucinated Domains".

Repository Maintenance:

  • MD Files Formatting: 981 files processed

Review Notes:

  • This content was automatically processed and may require human review for accuracy
  • Check that the placement within the repository structure is appropriate
  • Verify that all technical details are correct and up-to-date
  • All .md files have been checked for proper formatting (headers, includes, etc.)

Bot Version: HackTricks News Bot v1.0
