Skip to main content

Hacker creates false memories in ChatGPT to steal victim data — but it might not be as bad as it sounds

Web Hosting & Remote IT Support

Security researchers have exposed a vulnerability which could allow threat actors to store malicious instructions in a user’s memory settings in the ChatGPT MacOS app.

A report from Johann Rehberger at Embrace The Red noted how an attacker could trigger a prompt injection to take control of ChatGPT, and can then insert a memory into its long-term storage and persistence mechanism. This leads to the exfiltration of the conversation on both sides straight to the attacker’s server.

From then on, the prompt is stored as ‘memory persistent’, so any future conversations with the chatbot will have the same vulnerability. Because ChatGPT remembers things about its users, like names, ages, locations, likes and dislikes, and previous searches, this exploit presents serious risk for users.

Staying safe

In response, OpenAI had introduced an API which means the exploit is no longer possible through ChatGPT’s web interface, and has also launched a fix to prevent memories from being used as an exfiltration vector. However, researchers say that untrusted third-party content can still inject prompts that could exploit the memory tool.

The good news is, whilst the memory tool is automatically turned on by default in ChatGPT, but can be turned off by the user. The feature is great for those who want a more personalized experience using the chatbot, as it can listen to your wants and needs and make suggestions based on the info - but clearly there are dangers.

To mitigate the risks from this, users should be alert when using the chatbot, and particularly look at the ‘new memory added’ messages. By reviewing the stored memories regularly, users can examine for any potentially planted memories.

This isn't the first security flaw that researchers have discovered in ChatGPT, with concerns over the plugins allowing threat actors to take over users' other accounts and potentially access sensitive data.

More from TechRadar Pro



via Hosting & Support
Labels:

Comments

Post a Comment

Web Hosting
Remote IT Support
Sites & Socials
Computing Handbook - $9.95

Popular posts from this blog

Hacking Huawei Modems

Post a Comment
Read more

Report: Android's desktop mode might allow future tablets to double as computers

Web Hosting & Remote IT Support Back in April , evidence surfaced online revealing that Google was working on improving Android's desktop mode. Early demos show it’ll be more user-friendly than before by having movable windows, although it still lacks vital features. Since then, we haven’t heard much about the project until recently, when it popped up again in the “latest Android 15 Beta 4.1 release”. Android expert Mishaal Rahman discovered that Android’s feature may work on a tablet – provided it has a big enough display. In the build, he states that if you go to the device’s 'Recents' view and open the dropdown menu for an app, you will see a new button called “Desktop.” Tapping said button causes whatever app you were on to turn into a free-floating window. From here on, it behaves similarly to a browser on Samsung's New DeX system. The app can be minimized, maximized, attached to the side, or connected to another window. Down at the bottom is a taskbar
Post a Comment
Read more