Developer Uses Prompt Injection to Manipulate LinkedIn Recruiter Bots
Severity: Low (Score: 21.0)
Sources: Dexerto, Mezha.Ua, www.tomshardware.com, Dev.Ua
Published: · Updated:
Keywords: prompt, english, linkedin, bots, injection, spam, profile
Severity indicators: rce, ot
Summary
A software developer named tmuxvim has gone viral for embedding a prompt injection in his LinkedIn profile that manipulates AI recruitment bots to communicate in Old English. By hiding an instruction in the 'Me' section of his profile, he directed bots to address him as 'My Lord' and use archaic language. This tactic resulted in humorous recruiter messages, including one that began with 'My Lord Arthur.' The incident highlights how AI systems can be unexpectedly manipulated, raising awareness about the potential for such prompt injections to influence automated tools. This playful act serves as a commentary on the ongoing issue of spam from AI-driven recruitment tools. The developer's approach has sparked discussions on social media about similar manipulative techniques. No specific vulnerabilities or exploits are reported, as this is more of a creative use of existing AI capabilities. Key Points: • A developer embedded a prompt injection in his LinkedIn profile to troll AI recruiters. • Recruiter bots began sending messages in Old English, addressing him as 'My Lord.' • This incident illustrates the unpredictable manipulation of AI systems by users.
Detailed Analysis
**Impact** The event affects LinkedIn users, specifically those targeted by AI-driven recruiter bots that scrape profile data to generate outreach messages. While no direct data breach or financial loss is reported, the manipulation demonstrates vulnerabilities in AI recruitment tools used globally, including sectors like technology and fintech. The scope is limited to AI-generated communications, with no indication of broader operational or data compromise. **Technical Details** The attack vector involves prompt injection embedded in a LinkedIn profile’s “About Me” section, instructing AI bots to alter their language and address format in recruiter messages. This technique manipulates natural language processing models used by third-party AI agents without exploiting known CVEs or deploying malware. The kill chain stage corresponds to the delivery and exploitation phases, where AI systems parse and execute embedded instructions unexpectedly. No specific IOCs or infrastructure details are provided. **Recommended Response** Organizations should monitor AI-driven communication tools for anomalous or unexpected output patterns indicative of prompt injection. LinkedIn and similar platforms need to implement input sanitization and context validation to prevent embedded instructions from influencing AI behavior. Defenders should prioritize detection rules for unusual language patterns in automated messages and consider user education on risks of prompt injection. No patches or direct mitigations are currently available.
Source articles (5)
- LinkedIn recruiting bots forced to write in Old English via a prompt injection in their bio — Mezha.Ua · 2026-05-18
A user hid a prompt injection in his profile that forced spam recruiters to write in Old English and address him as "My Lord." This story, as Tom's Hardware notes , is a clear example of how third-par… - Linkedin Recruitment Spam Becomes Olde English Prose After User Hides Ai Prompt Injection In Bio Bots Also Also Manipulated To Address User As My Lord — www.tomshardware.com · 2026-05-18
- LinkedIn's AI recruiters forced to write in Old English via a prompt injection into their bio — Mezha.Ua · 2026-05-18
A user hid a prompt injection in his profile that forced spam recruiters to write in Old English and address him as "My Lord." This story, as Tom's Hardware notes , is a clear example of how third-par… - A developer figured out how to counter AI spam on LinkedIn by adding a prompt injection ... — Dev.Ua · 2026-05-18
IT-specialist decided to fight back against spam on . Or at least to troll AI bots that constantly bombard users with «unrealistically cool vacancies.» To do this, he simply hid a special prompt injec… - Man hides Old English AI prompt in LinkedIn profile to troll recruiter bots — Dexerto · 2026-05-18
A software developer has gone viral after sharing a hidden AI prompt embedded in his profile that appeared to influence recruiter outreach messages to be written in exaggerated Old English. The X post…
Timeline
- 2026-05-18 — Developer shares prompt injection on social media: tmuxvim posted about his LinkedIn profile modification, showcasing recruiter messages in Old English.
- 2026-05-18 — Media outlets report on the viral prompt injection: Various tech news platforms, including Dev.Ua and Mezha.Ua, covered the story highlighting the humorous aspect of AI manipulation.
- 2026-05-18 — Discussion on AI manipulation techniques grows: The incident sparked conversations on social media about other creative uses of prompt injections in AI systems.
Related entities
- LinkedIn (Company)
- T1059 - Command and Scripting Interpreter (Mitre Attack)