Hackers Use Fake API Documentation to Trick AI Agents Into Sending Crypto Payments
ID: 85b5bd30-6dbc-5072-bbfd-5fd10b322683
STIX ID: report--85b5bd30-6dbc-5072-bbfd-5fd10b322683
Feed Name: GBHackers
This report describes campaigns that weaponize web documentation and structured metadata (JSON-LD) to perform indirect prompt injection, convincing autonomous AI agents to make small cryptocurrency payments to attacker-controlled wallets via hidden DOM instructions, SEO poisoning, and embedded payment links; researchers validated the technique against multiple LLMs, observed successful payments, provided IOCs (fraudulent domains), and recommended provenance checks, allowlists, and human confirmation for risky actions.
Your team is not currently subscribed to this feed. You must subscribe to it in order to see this post.
