Cybersecurity experts have identified a new threat involving artificial intelligence models that fabricate nonexistent web domains. Known as phantom squatting, this tactic involves cybercriminals purchasing these invented domains and using them to host phishing sites. The phenomenon has been noted by Unit 42, the research division of Palo Alto Networks, highlighting a troubling trend in online security.
Understanding the Threat of Phantom Squatting
Phantom squatting poses a significant risk because of misplaced trust in AI-generated links. AI models, whether queried directly by developers or embedded in digital assistants, can present these fabricated domains as if they were legitimate. Once a cybercriminal registers such a domain, they can exploit that trust without needing phishing emails or malicious advertisements: the model itself delivers the victim. Unit 42 examined two AI models, asking them over 685,000 questions related to well-known brands, which produced 2.1 million links, some of which were flagged as malicious.
Mechanics of Phantom Domain Exploitation
Phantom squatting works because a newly registered domain has no track record, so blocklists and reputation-based security filters do not flag it until after it has already been misused. This gap lets attackers target users who are sent to these domains by trusted AI tools. Notably, the invented domains were not present in the AI models’ training data, indicating that they arise from the models’ language-processing patterns rather than from anything the models memorized. Because the same kinds of prompts tend to yield the same invented names, attackers can predict which domains a model will hallucinate and register them in advance.
Real-World Implications and Examples
Unit 42 documented cases where AI models consistently generated domains that were later used for phishing. For instance, a domain resembling a national postal service’s site was created by the models and then registered by an attacker to deploy a phishing kit. Within weeks, personal and financial data was stolen from unsuspecting users. Another case involved a replicated postal-service domain used to distribute a malicious Android app. These incidents underscore the potential for harm when AI-generated domains go unchecked.
Phantom squatting is the domain-name counterpart of slopsquatting, in which attackers register fictitious software package names suggested by AI tools. That behavior has already been exploited in campaigns such as PhantomRaven, which embedded malware in npm packages. Both trends reflect a broader habit of acting on AI output without verification, which leaves security teams needing to respond quickly.
Preventive Measures and Future Outlook
To counter phantom squatting, security teams can preemptively map potential fake domains and monitor their registration. Users are advised to verify any AI-generated links before engaging with them. AI agents should be restricted from automatically interacting with such links without human oversight. As the battle between defenders and attackers continues, the key lies in who can act more swiftly to secure these domains. This growing risk demands vigilance and proactive measures from all internet users.
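An added example, not from the article or the Unit 42 report: a Python triage script that treats every link in an AI answer as untrusted by default, flags hosts that mention a brand name but are not on that brand's allowlist, and counts how often each candidate recurs across answers so the most consistently generated names go on a registration watchlist first. The brand name, its official domain and the AI answers are constructed placeholders, and the eTLD+1 logic is a deliberate simplification.

```python
import re
from collections import Counter
from urllib.parse import urlparse

# Constructed allowlist (hypothetical brand): the registrable domains a brand really owns.
KNOWN_BRAND_DOMAINS = {"examplepost": {"examplepost.example"}}

# Constructed sample AI answers containing a real and an invented brand domain.
SAMPLE_AI_ANSWERS = [
    "Track your parcel at https://examplepost-tracking.example/track or "
    "https://www.examplepost.example/track",
    "Log in at https://examplepost-tracking.example/login and see https://other.example/help",
]

URL_RE = re.compile(r"""https?://[^\s<>"')]+""")

def registrable_domain(host: str) -> str:
    """Naive eTLD+1 (last two labels). Production code should use a public-suffix list."""
    labels = host.lower().rstrip(".").split(".")
    return ".".join(labels[-2:]) if len(labels) >= 2 else host.lower()

def classify_links(ai_text: str) -> dict:
    """Map each URL in an AI answer to 'trusted', 'phantom-candidate' or 'unknown'.
    Only allowlisted domains are trusted; a host that merely contains a brand name
    is a phantom-squatting candidate. Nothing here should be opened automatically."""
    verdicts = {}
    for url in URL_RE.findall(ai_text):
        host = urlparse(url).hostname or ""
        dom = registrable_domain(host)
        verdict = "unknown"
        for brand, official in KNOWN_BRAND_DOMAINS.items():
            if dom in official:
                verdict = "trusted"
                break
            if brand in host.replace("-", "").replace("_", ""):
                verdict = "phantom-candidate"
        verdicts[url] = verdict
    return verdicts

def phantom_watchlist(ai_texts) -> Counter:
    """Count candidate domains across many answers; frequent ones are the most
    predictable for an attacker and should be monitored (or defensively registered) first."""
    watch = Counter()
    for text in ai_texts:
        for url, verdict in classify_links(text).items():
            if verdict == "phantom-candidate":
                watch[registrable_domain(urlparse(url).hostname or "")] += 1
    return watch

if __name__ == "__main__":
    print(phantom_watchlist(SAMPLE_AI_ANSWERS).most_common())
```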
