Web Poisoning

Type: technique

Description: The adversary injects malicious content into a public website to contaminate a future thread through web search results.

Version: 0.1.0

Created At: 2024-10-11 16:54:32 +0300

Last Modified At: 2024-10-11 16:54:32 +0300


External References

  • --> Initial Access (tactic): An adversary can indirectly inject malicious content into a thread by hiding it in a public website that the AI system might search for and read.
  • <-- spAIware (procedure): The adversary embeds malicious instructions under a domain they control at https://wuzzi.net/c/a.txt. The victim then searches for this website within ChatGPT which leads to ChatGPT MacOS client browsing into the website.