Beware of “Slopsquatting”, Where Fraudsters Leverage AI-Hallucinated Websites

Cybersecurity firm NordVPN is warning users about “slopsquatting”, in which artificial intelligence (AI) systems accidentally invent fake website names that cybercriminals then use for illegal activities. Hackers exploit AI-generated hallucinations to create fake domains and malicious code, putting users at a higher risk than ever before.

The cybersecurity landscape is facing a new, AI-driven threat called slopsquatting. Criminals take advantage of cases where AI systems hallucinate website names or software packages that seem real but don’t actually exist.

Hackers then grab those fake names and create dangerous websites or programs that look almost real. When people visit these fake sites or download harmful software, their personal information or devices can be stolen or damaged.

“AI is changing how we build software, but these same systems can accidentally open doors for attackers. When an AI model creates an illusion of a fake package name, it’s like giving cybercriminals a roadmap to exploit human errors at scale,” said Marijus Briedis, chief technology officer (CTO) at NordVPN. “It’s a new playground for hackers who capitalize on AI’s imperfections to trick everyday users and professionals.”

Recent incidents have shown how large language models (LLMs) inadvertently suggest or create non-existent software and domain names. Malicious actors then register these fake domains or upload harmful code, hoping developers and users will fall for them, not noticing the subtle but dangerous typos.

One alarming example involved a fake Python package named huggingface-cli. It never officially existed, but thousands of developers unknowingly attempted to download it, allowing attackers to distribute malicious code disguised as a trusted tool.

For regular internet users, the threat is equally serious. Fake websites with addresses nearly identical to those of popular services can get users to enter personal information or download harmful software.

“Imagine typing in your favorite shopping site, like Amazon.com, and landing on a lookalike page designed to steal your credit card details. Scammers often use deceptive misspellings of popular brand names. According to recent research, Google is among the most impersonated brands, with more than 200,000 fake URLs, followed by Amazon (67,000),” explained Briedis. “That’s the kind of risk AI-driven slopsquatting introduces on a massive scale.”

Briedis advises users to be aware: always double-check URLs for subtle errors, only download software from official sources, and use security tools such as Threat Protection Pro that flag suspicious websites.
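For the software-package side of this advice, the sketch below is an added example, not code from NordVPN or the original article: it checks a dependency list against a team's vetted allowlist before anything is installed, and flags names that are unknown or that closely resemble a vetted name. The allowlist, the sample input and the 0.7 similarity cutoff are constructed assumptions; a "lookalike" or "unknown" result means the name needs a manual check against the official project page, not that it is malicious.

```python
import difflib
import re

# Constructed allowlist: packages this hypothetical team has already vetted.
VETTED = {"huggingface-hub", "requests", "numpy", "transformers"}

def normalize(name):
    """PEP 503 normalization: lowercase, runs of '-', '_', '.' become '-'."""
    return re.sub(r"[-_.]+", "-", name).lower()

def parse_requirements(text):
    """Yield normalized project names from requirements-style lines."""
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()   # drop comments
        if not line or line.startswith("-"):   # skip blanks and pip options
            continue
        m = re.match(r"[A-Za-z0-9][A-Za-z0-9._-]*", line)
        if m:
            yield normalize(m.group(0))

def vet(text, vetted=VETTED, cutoff=0.7):
    """Map each name to ('vetted'|'lookalike'|'unknown', nearest vetted name)."""
    known = sorted(normalize(v) for v in vetted)
    report = {}
    for name in parse_requirements(text):
        if name in known:
            report[name] = ("vetted", None)
            continue
        # A near-miss of a vetted name is the typo/hallucination pattern.
        near = difflib.get_close_matches(name, known, n=1, cutoff=cutoff)
        report[name] = ("lookalike", near[0]) if near else ("unknown", None)
    return report

# Constructed sample: a dependency list as it might be pasted from an AI assistant.
SAMPLE = """\
# suggested dependencies
requests>=2.31
Huggingface_Hub
huggingface-cli
numpi==1.26.0
totally-new-helper
"""

if __name__ == "__main__":
    for pkg, (verdict, nearest) in vet(SAMPLE).items():
        hint = f" (did you mean {nearest}?)" if nearest else ""
        print(f"{pkg:20} {verdict}{hint}")
```

Run as a pre-install or CI step, a non-vetted result would block the install until someone confirms the name on the official index or project site.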

“As AI continues to evolve, so will the tactics of cybercriminals,” warns Briedis. “Staying ahead means understanding AI’s weaknesses and building smarter defenses.”


