Compromised User

Type: technique

Description: The adversary compromises a user account by other means, and uses it to directly interact with the AI system.

Version: 0.1.0

Created At: 2024-10-11 16:54:32 +0300

Last Modified At: 2024-10-11 16:54:32 +0300

External References

Related Objects

• --> Initial Access (tactic): An adversary can directly access the AI system by using a compromised user account.
• <-- Data Exfiltration from Slack AI via indirect prompt injection (procedure): An adversary users a compromised user to create a public Slack channel, and put malicious instruction in that channel.

Related Frameworks