arXiv: A Longitudinal Study of Recently Observed Malicious Domains: Characteristics, Infrastructure, and Abuse Patterns

This publication is a research paper from arXiv, not a regulatory change, but it provides critical empirical evidence that should inform AI safety compliance frameworks. The study analyzes a longitudinal dataset of recently observed malicious domains, detailing their characteristics, infrastructure, and abuse patterns. It reveals how threat actors are increasingly using AI-generated content and automated domain registration to evade detection, and highlights the growing sophistication of domain-based attacks that can target AI systems and their supply chains.

The findings are most relevant to compliance teams in sectors deploying high-risk AI systems, including financial services, healthcare, critical infrastructure, and large technology platforms. Any organization subject to the EU AI Act or similar AI safety regulations should pay attention, as the paper demonstrates how malicious domains can be used to poison training data, deliver adversarial inputs, or compromise model integrity. Regulated entities that rely on domain reputation or threat intelligence feeds may need to reassess their risk models.

Compliance teams should immediately review their organization’s threat intelligence sources and domain monitoring capabilities against the patterns described in the study. They should update their AI risk assessments to account for domain-based attack vectors, particularly those involving AI-generated content. Finally, teams should engage with their security operations to test whether current detection systems can identify the newly documented abuse patterns, and consider incorporating the study’s findings into their ongoing AI safety documentation and incident response plans.