Slopsquatting is a type of cybersquatting. It is the practice of registering a non-existent software package name that a large language model (LLM) may hallucinate in its output, so that someone who copies and pastes the suggested install command unknowingly installs the attacker's package without realizing the name was never real. Attempting to install a package that does not exist should fail with an error; the attack works because the attacker registers the hallucinated name first, so the install succeeds and delivers whatever the attacker uploaded under it. The technique is closely related to typosquatting, which relies on human misspellings of a real package name rather than on names a model invents.
In 2023, security researcher Bar Lanyado noted that LLMs hallucinated a package named "huggingface-cli". While this name is identical to the command used for the command-line version of HuggingFace Hub, it is not the name of the package: the software is correctly installed with pip install -U "huggingface_hub[cli]". Lanyado tested the potential for slopsquatting by uploading an empty package under the hallucinated name. In three months it had received over 30,000 downloads. The hallucinated package name was also used in the README file of a repository for research conducted by Alibaba.
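As an added example (not from the original article and not Lanyado's code), here is a pre-install guard in Python that normalizes package names per PEP 503, checks each name an LLM suggested against the index, and refuses anything that is not on an organisation allowlist. It shows why "the name resolves on the index" is not a safety signal once an attacker has registered the hallucinated name: the verdict only changes from MISSING to UNVETTED. The two index dictionaries, the allowlist, the requirements lines and the name example-hallucinated-pkg are constructed for illustration; lookup_pypi uses PyPI's real JSON endpoint but is not called by default, so the script runs offline.

```python
"""
Pre-install guard for package names an LLM suggested (added example).

The in-memory indexes below are constructed stand-ins for PyPI so the
script runs offline; lookup_pypi() shows the real call for a CI step.
"""
import json
import re
import urllib.error
import urllib.request
from difflib import get_close_matches
from typing import Callable, Dict, Iterable, Optional, Tuple

# Constructed index snapshots: normalized project name -> number of releases.
# "Before" is the state while huggingface-cli was still just a hallucination;
# "after" mirrors Lanyado registering an empty package under that name.
# The release counts are assumptions for illustration.
INDEX_BEFORE: Dict[str, int] = {"requests": 150, "huggingface-hub": 90}
INDEX_AFTER: Dict[str, int] = {**INDEX_BEFORE, "huggingface-cli": 1}

# Packages the organisation has actually reviewed (assumed allowlist).
ALLOWLIST = {"requests", "huggingface-hub"}

# Constructed requirements as an LLM might emit them, including the real
# hallucination from the text and a placeholder name that never existed.
LLM_REQUIREMENTS = [
    "# dependencies suggested by the assistant",
    "huggingface-cli",
    "huggingface_hub[cli]>=0.20",
    "requests==2.31.0",
    "example-hallucinated-pkg",
]


def normalize(name: str) -> str:
    """PEP 503: case-insensitive, runs of '-', '_' and '.' collapse to '-'."""
    return re.sub(r"[-_.]+", "-", name).lower()


_REQ_RE = re.compile(r"^\s*([A-Za-z0-9](?:[A-Za-z0-9._-]*[A-Za-z0-9])?)")


def project_name(requirement: str) -> Optional[str]:
    """Strip extras and version specifiers; comments and blank lines give None."""
    m = _REQ_RE.match(requirement)
    return m.group(1) if m else None


def lookup_pypi(name: str) -> Optional[int]:
    """Real lookup against PyPI's JSON API: release count, or None on 404."""
    url = f"https://pypi.org/pypi/{name}/json"
    try:
        with urllib.request.urlopen(url, timeout=10) as resp:
            return len(json.load(resp)["releases"])
    except urllib.error.HTTPError as exc:
        if exc.code == 404:
            return None
        raise


def audit(
    requirements: Iterable[str],
    lookup: Callable[[str], Optional[int]] = INDEX_BEFORE.get,
    allowlist: Iterable[str] = ALLOWLIST,
) -> Dict[str, Tuple[str, Optional[str]]]:
    """Map each normalized name to (verdict, closest allowlisted name or None).

    OK        - reviewed by the organisation, safe to install.
    MISSING   - not on the index: a hallucination; do not install, and do not
                "fix" it by registering the name yourself.
    UNVETTED  - exists on the index but nobody reviewed it; this is exactly
                what a freshly registered slopsquat looks like.
    """
    vetted = set(allowlist)
    verdicts: Dict[str, Tuple[str, Optional[str]]] = {}
    for line in requirements:
        raw = project_name(line)
        if raw is None:
            continue
        name = normalize(raw)
        if name in vetted:
            verdicts[name] = ("OK", None)
            continue
        # Suggest the reviewed package the LLM probably meant (e.g. -cli vs -hub).
        close = get_close_matches(name, sorted(vetted), n=1, cutoff=0.6)
        suggestion = close[0] if close else None
        verdict = "MISSING" if lookup(name) is None else "UNVETTED"
        verdicts[name] = (verdict, suggestion)
    return verdicts


if __name__ == "__main__":
    for label, index in (("before", INDEX_BEFORE), ("after", INDEX_AFTER)):
        print(f"index snapshot: {label}")
        for name, (verdict, hint) in audit(LLM_REQUIREMENTS, index.get).items():
            extra = f" (did you mean {hint}?)" if hint else ""
            print(f"  {verdict:8} {name}{extra}")
```

Wire audit() into the step that turns an assistant's answer into a requirements file and fail the build on anything other than OK; pass lookup=lookup_pypi there to query the live index. The allowlist is the control that matters: existence checks alone stop working the moment someone registers the name, which is the whole point of the attack.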
August 11, 2025