Phantom Squatting: AI-Hallucinated Domains Threaten Supply Chain
Summary
Researchers have discovered that large language models, or LLMs, frequently create fake web domains for real brands. Bad actors are now weaponizing this by registering these non-existent domains. This allows them to intercept traffic generated by AI systems. This threat is called phantom squatting and it poses a major risk to the software supply chain. Proactive monitoring helped predict domain use 18 to 51 days before adversary registration. One attacker used an AI coding assistant to build a phishing kit called Montana Empire. This kit targeted a domain identified as a high-risk hallucination target 23 days earlier. To detect this risk, researchers analyzed 913 global brands, making over 685,000 URL queries across different LLM models. This generated 2.1 million URLs and revealed more than 13,000 confirmed malicious URLs. About 250,000 hallucinated domains remain unregistered, which presents a significant opportunity for adversaries. This matters because phantom squatting can compromise your software supply chain.
This is an AI-generated audio summary. Always check the original source for complete reporting.