The rise of ChatGPT has generated as much admiration as concern, and for good reason. While many see it as the ideal assistant, capable of transforming our daily lives, cybersecurity researchers have just revealed seven major vulnerabilities that could well undermine that confidence. Although some of them have been patched, others remain active, leaving the door wide open to malicious attacks. These flaws, which could turn artificial intelligence into an unwitting accomplice of cybercriminals, deserve close examination.

ChatGPT, this revolutionary artificial intelligence tool, is in the spotlight for its impressive capabilities. But behind its fluid and engaging responses, a shadow looms. Experts are discovering vulnerabilities that could transform this intelligent assistant into an unwitting accomplice of cybercrime. In this article, we explore these alarming flaws and what they mean for user security.

Vulnerability of the booby-trapped comment

ChatGPT's first vulnerability is almost laughable. A simple booby-trapped comment on a public blog can compromise the AI's security. Imagine asking ChatGPT to summarize an article: it reads the comments along with the article itself. By obeying hidden instructions placed in a comment, the AI can be manipulated without anyone noticing. No alert is triggered, and no antivirus protection can detect this sneaky manipulation.

The zero-click attack

Next comes the zero-click attack, which is particularly dangerous. You ask a harmless question, and ChatGPT starts searching the web for information. Unfortunately, it can stumble upon compromised websites, and at that point the exploitation begins. Cybercriminals often exploit trending topics to maximize their reach and affect a large number of users.

Shareable links: an invisible trap

Shareable links are also a significant threat. They represent a real danger because these pre-filled URLs can be easily hijacked. By clicking on a link received by email or on social media, the user unknowingly activates malicious commands that operate discreetly. The user, meanwhile, remains completely unaware of what is happening behind the scenes.

Partial security by OpenAI
OpenAI attempted to secure ChatGPT with a system described as "url_safe". However, this too presents a problem. Tenable found that some tracking links, such as those from Bing, consistently pass the check even though they are dangerous: they can redirect the user to sites run by hackers, leaving the door open for malicious exploitation.

Command Injection into the Conversation

Conversation Injection is a formidable exploitation technique that involves injecting commands into the conversation thread. These commands are then executed by ChatGPT as if they had come from the user. Add to this the Markdown formatting bug, which hides malicious content on the screen, and you have an invisible attack. The user has no idea they are the target of malicious manipulation.

Corrupted Long-Term Memory

The last vulnerability in ChatGPT is undoubtedly the most concerning. Malicious instructions can be injected into the AI's long-term memory. Once corrupted, this memory retains traces of the attack, turning each new conversation into an opportunity for cybercriminals to exfiltrate sensitive data. These vulnerabilities can persist for days after the initial attack, posing a significant security risk to users.
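The url_safe weakness and the Markdown-hiding bug described above both come down to what an application renders from a model's output. As an added illustration (not code from Tenable, OpenAI or this article), the following check audits assistant output before it is shown: it treats a domain allowlist as necessary but not sufficient, flagging allowlisted hosts that act as redirectors, and it flags Markdown that would render invisibly. The allowlist, host names and sample text are constructed for the example.

```python
import re
from urllib.parse import urlparse, parse_qs

# Constructed allowlist standing in for a "url_safe"-style domain list;
# the real list is not public and is not reproduced here.
ALLOWED_HOSTS = {"example.com", "bing.com"}

# Characters that render as nothing on screen but survive copy/paste.
ZERO_WIDTH = re.compile(r"[\u200b\u200c\u200d\u2060\ufeff]")
# Matches [label](url) and ![alt](url); groups: bang, label, url.
MD_LINK = re.compile(r"(!?)\[([^\]]*)\]\(([^)\s]+)\)")


def host_allowed(host: str) -> bool:
    """Exact or subdomain match against the allowlist."""
    host = host.lower()
    return any(host == h or host.endswith("." + h) for h in ALLOWED_HOSTS)


def is_redirector(url: str) -> bool:
    """A domain check is bypassed when an allowlisted URL carries another
    absolute URL in its query string: it passes the check, then bounces
    the user elsewhere (the tracking-link problem described in the text)."""
    for values in parse_qs(urlparse(url).query).values():
        if any(v.lower().startswith(("http://", "https://")) for v in values):
            return True
    return False


def audit_markdown(text: str) -> list:
    """Return findings for a piece of assistant output about to be rendered."""
    findings = []
    if ZERO_WIDTH.search(text):
        findings.append("zero-width characters: text may render invisibly")
    for _bang, label, url in MD_LINK.findall(text):
        host = urlparse(url).hostname or ""
        if not host_allowed(host):
            findings.append(f"non-allowlisted host: {host}")
        elif is_redirector(url):
            findings.append(f"allowlisted host used as redirector: {url}")
        if not label.strip():
            findings.append(f"link with no visible label: {url}")
    return findings


# Constructed sample of model output, not a real ChatGPT response.
SAMPLE = "Summary done. [](https://bing.com/track?target=https://attacker.invalid/)"

if __name__ == "__main__":
    for finding in audit_markdown(SAMPLE):
        print(finding)
```

A deployment would block or rewrite output with any finding rather than only logging it; the point is that the check runs on the rendered form, not on the domain alone.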
Although OpenAI is aware of these vulnerabilities and has patched some of them, several remain active. As Moshe Bernstein, Senior Engineer at Tenable, points out, users and organizations must assume that artificial intelligence tools like ChatGPT can be manipulated, and design their controls accordingly. Caution is advised.