On the Availability Risks of Production LLM Services Under Unbounded Inference
Summary
Researchers discovered a new type of denial-of-service attack called ThinkTrap that targets cloud-based LLM services by crafting special inputs that force the model into extremely long or infinite generation loops, exhausting computing resources and making the service unavailable to legitimate users. The attack works even against closed-source models (where the inner workings are hidden) by using a technique that converts text tokens into continuous numbers and then optimizes adversarial prompts in a lower-dimensional space. Testing on commercial LLM services showed ThinkTrap could reduce system performance to as little as 1% of normal capacity or cause complete service failure.
Classification
Affected Vendors
Related Issues
Original source: http://ieeexplore.ieee.org/document/11503096
First tracked: July 13, 2026 at 08:03 PM
Classified by LLM (prompt v3) · confidence: 92%