Palo Alto Networks Warns Hackers Are Registering AI-Hallucinated Domains in "HalluSquatting" Attacks
Published · updated · curated by AI Is Going Just Great
Source: en.softonic.com ↗
Different models often hallucinate the same names. One malicious registration can pull in traffic from developer tools and customer-facing chatbots across a lot of different places.
Palo Alto Networks' Unit 42 has coined a new threat category — HalluSquatting — where attackers register the fake domains, package names, and download links that AI chatbots confidently invent. Analyzing 2.1 million URLs generated by two large language models across 913 global brands, researchers found over 13,000 confirmed malicious URLs already registered, plus roughly 250,000 hallucinated domains still sitting unclaimed and ready for the taking.
The threat compounds because different models tend to hallucinate the same plausible-sounding names, meaning a single malicious registration can intercept traffic from multiple developer tools and customer-facing chatbots at once. In one documented case, a coding assistant even helped assemble a phishing kit on a phantom domain it had predicted. Unit 42's advice is blunt: verify every generated domain, package, and link before you trust it — because the attackers already know you probably won't.