Compromised User

Type: technique

Description: The adversary compromises a user account by other means, and uses it to directly interact with the AI system.

Version: 0.1.0

Created At: 2025-03-04 10:27:40 -0500

Last Modified At: 2025-03-04 10:27:40 -0500

External References

Related Objects

• --> Initial Access (tactic): An adversary can directly access the AI system by using a compromised user account.
• <-- Data Exfiltration from Slack AI via indirect prompt injection (procedure): An adversary users a compromised user to create a public Slack channel, and put malicious instruction in that channel.

Related Frameworks