ADVERTISEMENT

Hacking LLMs: how bots manipulate AI

Hacking LLMs: how bots manipulate AI
Yelyzaveta Hunchenko
Yelyzaveta Hunchenko Tech Content Writer
Nov 28, 2025 Updated: 1 December 2025 7 min read

Key takeaways

LLMs get poisoned through scraping

  1. Malicious actors exploit this vulnerability by flooding online spaces with manipulated, biased, or false content.
  2. Bots automate this process, posting engineered text on forums, wikis, and social platforms to subtly shift the information landscape that LLMs learn from. For example, social media bots coordinated by companies can amplify corporate messages or drown out dissenting perspectives, skewing the mix of data used for training and fine-tuning.
  3. Models that use techniques like Retrieval Augmented Generation (RAG) to fetch real-time information can thus unknowingly amplify such manipulated content as credible.

Bots exploit LLMs by performing repetitive tasks online

Bot typeWhat they doImpact on online discourse
Click/like farming botsInflate popularity by liking, reposting, and engaging with content repeatedlyCreate a false perception of influence, distorting what matters
Hashtag hijacking botsExploit group hashtags to post spam or malicious linksSilence opposing opinions, chill open discussion
Repost network coordinated bots (Botnet)Instantly repost content from a “parent” bot, flooding social media channelsOverwhelm platforms with inauthentic content, sway public opinion
Sleepers Dormant for long periods, then suddenly launch thousands of postsGenerate a false sense of urgency with a sudden surge in attention
Astroturfing botsShare coordinated messages to mimic grassroots support or oppositionCreate an illusion of widespread genuine support/criticism, exaggerate the importance
Raids Swarm targeted accounts with spam and harassmentHarass users, silence dissenting voices
ADVERTISEMENT
Prompt injection process
  • Researchers at Purdue University used a method called LLM Interrogation (LINT) to achieve a 98% success rate in prompting commercial and open-source LLMs to reveal prohibited content.
  • Another study documented coordinated bot networks amplifying polarizing political messages by rapidly sharing content, creating an illusion of widespread support, and influencing public opinion during key political events.
  • My colleague also explores why ChatGPT spews more Russian propaganda than other chatbots in a dedicated article.

Are LLMs hopelessly vulnerable?

One uncomfortable takeaway

ADVERTISEMENT