HalluSquatting AI attack could hijack your computer
Security researchers have identified a new attack technique called "HalluSquatting" that exploits AI assistants' tendency to hallucinate incorrect information. The technique targets AI tools capable of browsing the internet, retrieving software and executing commands, tricking them into fetching malicious files instead of the legitimate software a user requested. This matters because it turns a common and previously dismissed AI flaw, hallucination, into a viable route for attackers to deliver malware, potentially without any obvious warning signs to the user.
Researchers from Tel Aviv University, Technion and Intuit detailed the attack in a recent paper, describing how an AI assistant asked to download a popular software tool can instead be misled into retrieving the wrong, attacker-controlled project. Once installed, this could allow an attacker to steal sensitive information from the victim's device or covertly enrol it into a botnet, a network of compromised machines controlled remotely. The team tested the technique against widely used AI coding tools and personal assistants to demonstrate its practical risk.
- New "HalluSquatting" attack exploits AI hallucinations to deliver malware
- AI assistants can be tricked into downloading malicious files instead of real software
- Researchers warn it could enable data theft or botnet recruitment