Web Poisoning

Type: technique

Description: The adversary injects malicious content into a public website to contaminate a future thread through web search results.

Version: 0.1.0

Created At: 2024-12-31 14:18:56 -0500

Last Modified At: 2024-12-31 14:18:56 -0500

External References

Related Objects

• --> Initial Access (tactic): An adversary can indirectly inject malicious content into a thread by hiding it in a public website that the AI system might search for and read.
• <-- spAIware (procedure): The adversary embeds malicious instructions under a domain they control at https://wuzzi.net/c/a.txt. The victim then searches for this website within ChatGPT which leads to ChatGPT MacOS client browsing into the website.

Related Frameworks