RSS

The contract that could get you FIRED (lexploit)

SaifAlYounan1 pts0 comments

The Contract That Could Get You Fired | LegalQuants Blog

The Contract That Could Get You Fired<br>Alexios vdSK<br>27m ago (edited)

h1]:text-3xl [&>h1]:font-serif [&>h1]:font-bold [&>h1]:text-[#1a1a1a] [&>h1]:mt-10 [&>h1]:mb-4 [&>h2]:text-2xl [&>h2]:font-serif [&>h2]:font-semibold [&>h2]:text-[#1a1a1a] [&>h2]:mt-8 [&>h2]:mb-3 [&>h3]:text-xl [&>h3]:font-medium [&>h3]:text-[#1a1a1a] [&>h3]:mt-6 [&>h3]:mb-2 [&>p]:mb-5 [&>p]:leading-[1.8] [&>blockquote]:border-l-4 [&>blockquote]:border-[#d4a853] [&>blockquote]:pl-5 [&>blockquote]:py-3 [&>blockquote]:my-6 [&>blockquote]:italic [&>blockquote]:text-[#4b5563] [&>blockquote]:bg-[#faf7f2] [&>blockquote]:rounded-r-lg [&>pre]:bg-[#1a1a1a] [&>pre]:text-[#e8e4dc] [&>pre]:p-5 [&>pre]:rounded-lg [&>pre]:my-6 [&>pre]:font-mono [&>pre]:text-sm [&>pre]:overflow-x-auto [&>ul]:list-disc [&>ul]:pl-6 [&>ul]:my-5 [&>ol]:list-decimal [&>ol]:pl-6 [&>ol]:my-5 [&_li]:mb-2 [&_li]:leading-relaxed [&_a]:text-[#d4a853] [&_a]:underline [&_a]:decoration-[#d4a853]/30 [&_a:hover]:text-[#b8923f] [&_a:hover]:decoration-[#b8923f] [&_img]:max-w-full [&_img]:h-auto [&_img]:rounded-xl [&_img]:my-6 [&_img]:shadow-sm [&_hr]:my-10 [&_hr]:border-t-2 [&_hr]:border-[rgba(26,26,26,0.1)] [&_s]:line-through [&_s]:text-[#9ca3af] [&_strong]:font-semibold [&_strong]:text-[#1a1a1a] [&_em]:italic">I planted a rigged agreement in a stack of contracts. It says it's governed by Delaware law. You can read it. Your AI chatbot can read it (and probably spot the issue). Your lawyers can read it. But your search engine can't find it.<br>This is the third in a series on lexploits, good old "hacking techniques" recycled to fool defenseless AI pipelines. You can read the previous two episodes here and here.<br>If you work in a big corporate under pressure to deliver with AI, you have probably set up a database that centralizes all your documents, with a search engine on top, before anything ever reaches your AI. And if you are a litigator or an M&A professional, your pipeline routinely uses that search to query documents produced by third parties, for example in a due diligence or a disclosure exercise in arbitration.<br>So you ask "show me all the contracts governed by Delaware law", the engine searches "Delaware", and flags every document that is. You probably trust this. But should you? This article explains why you should not.<br>I will cover, in plain terms, how search pipelines work (1), how the attack works (2), what we observed (3), who it hits (4), a preliminary conclusion (5), and how this compares to earlier Noroboto attacks (6).<br>1. How search pipelines usually work<br>When your AI searches for "Delaware", it does not read the page the way you do. It does not look at what the text looks like on screen. It works with what the text is underneath, and underneath, every character is stored as a number. Your search turns your query into those numbers and scans each document for the same sequence. This is how most enterprise-grade search works, including, most likely, the one inside your AI pipeline. It just compares numbers.<br>That works as long as the numbers in the document really are the characters you think they are. But what if they aren't? Who is responsible then?<br>2. How the attack works<br>Cyrillic and Latin scripts share characters that look identical but carry different codes. The Latin "a" is one number. The Cyrillic letter drawn exactly like it is another. To your eye they are the same character. To the search engine they are as unrelated as "a" and "7".<br>So take "Delaware" and swap a couple of Latin letters for their Cyrillic look-alikes. On screen, in print, in a PDF viewer, it still reads "Delaware". Underneath, the engine sees Del[-]w[-]re. You don't even need many. One swapped letter is enough to break the match.<br>Try it yourself. Put "Delaware" (with a Cyrillic letter or two) in a settlement agreement, save it as a PDF, upload it to your document system, and search "Delaware". See what happens.<br>3. Our empirical observations<br>For full transparency, we asked Claude Code to build the test and report what happened, in its own words:<br>“We set up a small document system the way a real one works. Ten contracts in a folder, with a search on top that does what every search does, namely turn your query into numbers and look for the same numbers in each file. Four of the ten contracts were genuinely governed by Delaware. One of those four was the rigged one. Its governing-law clause reads "Delaware" on screen, but four of its eight letters (both e's and both a's) are stored as their Cyrillic twins. One substitution would have been enough. We used four to leave no doubt.<br>We searched "Delaware", the way your AI tools would. The search returned three contracts and missed the fourth, the rigged settlement agreement, even though it says "State of Delaware" right there in its text. No error, no warning, no "did you mean". It was simply gone.<br>The only search that found it was one we built on purpose to fold look-alike letters back to Latin before...

text search delaware blockquote font works

Related Articles

The Newest Instagram "Exploit" Is the Goofiest I've Seen

ssiddharth34 ptsaccount attacker email instagram seen like

Apple WWDC 2026 Livestream

nextstep32 ptsapple stream video event live feed

Claude Fable 5

Philpax30 ptsfable claude mythos model models capabilities

It's Not Just X. It's Y

mooreds21 ptslanguage model writing like grammarly human

Show HN: GoPeek – open links in live mini browser windows without new tabs

GeorgeWoff2518 ptsgopeek open browser links live mini
terms · privacy · disclaimer · contact · policy
© 2026 NewsHub. All rights reserved.
This site is for informational purposes only. Content is aggregated from publicly available sources. We may earn commissions through affiliate links. Not affiliated with Y Combinator or Hacker News.