Hackers can use AI tools to assemble botnets
Nine popular AI tools can be leveraged by attackers to construct massive botnets. This new threat exploits prompt injection vulnerabilities, allowing for malicious commands to be inserted into AI models.

Hackers can utilize nine popular artificial intelligence tools to assemble massive botnets, research indicates. This emerging attack vector exploits prompt injection vulnerabilities, which allow malicious commands to be inserted directly into AI models.
Traditionally, prompt injection attacks have been of the 'push' variety, where each potential victim is targeted individually. For instance, a malicious command could be injected into a single email or calendar invitation. The scale of such an attack is limited because it requires distributing the injection to each specific target, hindering mass exploits across the internet.
However, researchers have identified a method to bypass these limitations by leveraging popular AI tools. These tools are capable of processing large volumes of data and following instructions, making them ideal for creating large-scale botnets. Large language models inherently struggle to reliably distinguish between legitimate user instructions and malicious commands injected by adversaries.
AI engine developers are working to implement guardrails to mitigate these vulnerabilities, but the root cause—the models' inability to differentiate between trusted and untrusted sources—remains unaddressed. This finding highlights the significant security challenges within AI systems and the need for more robust protective measures.