Researchers Discover 'Hallucination Injection' Attack Using AI Models at 85-100% Success Rate

INTU0.87%
According to Decrypt, researchers from Tel Aviv University, Technion-Israel Institute of Technology, and Intuit discovered a new attack method on July 10 called 'adversarial hallucination injection' that exploits AI model hallucinations to trick AI agents into downloading malicious code and potentially forming botnets. Attackers predict false resource links that AI models might generate, register them in advance, and inject malicious instructions; when AI agents retrieve these resources, they treat them as legitimate content and execute the code. Testing showed hallucination rates of 85% in code repository cloning scenarios and 100% in skill installation scenarios, affecting AI coding assistants including Cursor, GitHub Copilot, Gemini CLI, and OpenClaw.
Disclaimer: The information on this page may come from third-party sources and is for reference only. It does not represent the views or opinions of Gate and does not constitute any financial, investment, or legal advice. Virtual asset trading involves high risk. Please do not rely solely on the information on this page when making decisions. For details, see the Disclaimer.
Comment
0/400
No comments