The Attack Is Simpler Than You Think

Researchers at Palo Alto Networks Unit 42 documented a technique they're calling phantom squatting: attackers register domain names that LLMs consistently hallucinate, then sit back and wait for the traffic.

No zero-days. No exotic exploit chains. Just a spreadsheet of domains that AI tools confidently recommend — domains that never existed legitimately — and a registrar account.

When your AI coding assistant suggests you visit some-plausible-sounding-docs-site.io to read the official documentation, and that domain belongs to an attacker, you're one click away from a phishing page or a malware download. The LLM delivered it with full confidence. You had no reason to doubt it.

This is the real-world consequence of a known LLM failure mode being weaponized at scale.
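A defender-side check for the scenario above, added here as an example and not taken from Unit 42 or the original post: it pulls hostnames out of an assistant's reply and reports any that are not on a hand-vetted list, so a recommended link is verified before anyone clicks it. The `VETTED_HOSTS` entries, the function names and the sample reply are assumptions constructed for illustration.

```python
import re
from urllib.parse import urlsplit

# Assumption: hosts your team has verified by hand (constructed list).
VETTED_HOSTS = {"docs.python.org", "developer.mozilla.org", "github.com"}

# Explicit URLs, plus bare hostnames such as "some-docs-site.io".
# Dotted names like "config.yaml" also match; a review queue should fail closed.
_CANDIDATE = re.compile(
    r"https?://[^\s<>)\]]+|\b(?:[a-z0-9-]+\.)+[a-z]{2,}\b(?:/[^\s<>)\]]*)?",
    re.IGNORECASE,
)

def extract_hosts(text):
    """Return the unique hostnames referenced in text, in order of appearance."""
    hosts = []
    for match in _CANDIDATE.finditer(text):
        raw = match.group(0).rstrip(".,;:'\"")
        if "://" not in raw:
            raw = "https://" + raw
        try:
            # .hostname drops any "user@" prefix and port, and lowercases.
            host = urlsplit(raw).hostname
        except ValueError:
            continue
        if host and host not in hosts:
            hosts.append(host)
    return hosts

def is_vetted(host, vetted=VETTED_HOSTS):
    """Exact match or a true subdomain; a vetted name used as a prefix fails."""
    return any(host == v or host.endswith("." + v) for v in vetted)

def unvetted_hosts(text, vetted=VETTED_HOSTS):
    return [h for h in extract_hosts(text) if not is_vetted(h, vetted)]

# Constructed sample of an assistant reply; example.net is a reserved domain.
SAMPLE_REPLY = (
    "See the official guide at https://docs.python.org/3/library/ssl.html, "
    "the mirror at some-plausible-sounding-docs-site.io, "
    "and https://docs.python.org@login.example.net/start or "
    "http://docs.python.org.example.net/ for details."
)

if __name__ == "__main__":
    for host in unvetted_hosts(SAMPLE_REPLY):
        print("verify before visiting:", host)
```

The two `example.net` links show why the comparison runs on the parsed hostname and not on the visible string: both contain `docs.python.org`, yet neither resolves to it.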