Slopsquatting – when an LLM hallucinates a non-existent package name, and a bad actor registers it maliciously. The AI brother of typosquatting.

Credit to @sethmlarson for the name

This has a Wikipedia page now: https://en.m.wikipedia.org/wiki/Slopsquatting no mention of this toot though 🥲

@andrewnez haha I was the one who created and wrote it! I'm still adding to it as more thoughts and news on it come through. I've added a mention of your toot now :)

@erictleung nice! You could also add your page to the See also section of https://en.m.wikipedia.org/wiki/Typosquatting

@andrewnez thanks for the suggestion! I guess I only went one way with the linking, but it does make sense to make it two-way. Thanks!

@andrewnez @notjustbikes @sethmlarson Misreading the creditee's tag, I gotta say that 'ML arson' is another term waiting to be coined.

@andrewnez @sethmlarson

I don’t mean to ruin the party, but this attack technique is actually called “package hallucination” — a term and concept I introduced two years ago. I’ve published two research pieces on it, and it's now recognized as a resource under the OWASP Top 10 for LLMs, specifically under the "Misinformation" category. You can check out my latest work here:
https://www.lasso.security/blog/ai-package-hallucinations

@LanyB @andrewnez Nice! "Package hallucination" is a much better name, I honestly didn't expect the coining of something in a conversation to blow up so quickly :) Power of the internet I suppose, maybe we should get the Wikipedia page renamed to your phrasing so it's attributed properly (and so people don't have to say "slopsquatting" ever again)

@sethmlarson @LanyB @andrewnez why choose one, if we can have both?

Package hallucination for the vulnerability (code with nonexisting, hallucinated dependencies) and slopsquatting for the exploit (the act of uploading packages matching these dependencies)?

This would be the way in which the terms make the most sense IMHO.