Unit 42 AI Security · July 1, 2026

Phantom Squatting: AI-Hallucinated Domains as a Software Supply Chain Vector

Why it matters

Unit 42 analysis of phantom squatting: attackers register domains that LLMs may hallucinate in recommendations, code, documentation, or support answers. That turns model error into a supply-chain path, especially when users or agents follow generated links without independent validation.

My takeaway: Treat generated domains and package names as untrusted until verified. AI-assisted workflows need domain validation, dependency checks, retrieval provenance, and allowlists where generated references can lead to execution or installation.
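
One way to apply the allowlist step to model output before a user or agent follows a link, shown as an added example that is not from Unit 42 or the original page. The allowlist contents, function names and sample text are assumptions constructed for illustration.

```python
import re
from urllib.parse import urlsplit

# Constructed allowlist for illustration; a real one comes from your own policy.
ALLOWED_DOMAINS = {"pypi.org", "docs.python.org", "github.com"}
URL_RE = re.compile(r"https?://[^\s<>()\[\]]+", re.IGNORECASE)


def normalize_host(url):
    """Return the lowercase ASCII hostname of a URL, or None if unusable."""
    try:
        host = urlsplit(url).hostname  # ignores userinfo ("user@") and port
        host = (host or "").rstrip(".").lower()
        # Punycode-encode internationalized names so comparison is on ASCII.
        return host.encode("idna").decode("ascii") or None
    except (ValueError, UnicodeError):
        return None


def is_allowed(host, allowed=ALLOWED_DOMAINS):
    """Exact match, or subdomain on a label boundary (no bare suffix match)."""
    return any(host == d or host.endswith("." + d) for d in allowed)


def review_generated_text(text, allowed=ALLOWED_DOMAINS):
    """Split URLs found in model output into (allowed, blocked) lists."""
    ok, blocked = [], []
    for url in URL_RE.findall(text):
        url = url.rstrip(".,;:")  # drop sentence punctuation glued to the URL
        host = normalize_host(url)
        (ok if host and is_allowed(host, allowed) else blocked).append(url)
    return ok, blocked


# Constructed sample of model output; .example and .test names are placeholders.
SAMPLE = (
    "Install from https://pypi.org/project/requests/ and read "
    "https://docs.python.org/3/library/ssl.html. Helper script: "
    "https://fastsetup-tools.example/install.sh, mirror at "
    "https://pypi.org.mirror.test/simple/ or "
    "https://github.com@downloads.test/tool.tar.gz"
)

if __name__ == "__main__":
    ok, blocked = review_generated_text(SAMPLE)
    print("allowed:", ok)
    print("blocked:", blocked)
```

Blocked URLs are held for human review or independent verification rather than fetched; the check compares the parsed hostname, so a trusted name placed in the userinfo or as a leading label does not pass.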