Techniqueinitial-accessATLAS

AML.T0078Drive-by Compromise

What it is

Adversaries may gain access to an AI system through a user visiting a website over the normal course of browsing, or an AI agent retrieving information from the web on behalf of a user. Websites can contain an [LLM Prompt Injection](/techniques/AML.T0051) which, when executed, can change the behavior of the AI model. The same approach may be used to deliver other types of malicious code that don't target AI directly (See [Drive-by Compromise in ATT&CK](https://attack.mitre.org/techniques/T1189/)).

References

  1. https://atlas.mitre.org/techniques/AML.T0078

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

ATLAS
LLM Prompt Injection
ATLAS
AI Agent Clickbait
ATLAS
LLM Prompt Crafting
ATLAS
AI Agent Tool Data Poisoning
ATLAS
LLM Data Leakage
ATLAS
Machine Compromise
Sourced from MITRE ATLAS — Adversarial Threat Landscape for AI Systems. Curated by Adam Lundqvist, SQUR.