This artificial intelligence worm can steal data and undermine the security of ChatGPT and Gemini

By Pooja Sood

The researchers also warned of “poor architectural design” in AI systems.

As generative AI systems like OpenAI’s ChatGPT and Google’s Gemini become more advanced, researchers are now developing AI worms that can steal your confidential data and undermine the security measures of generative AI systems, Wired reports.

Researchers from Cornell University, Technion-Israel Institute of Technology, and Intuit have created the first generative artificial intelligence worm called “Morris II” that can steal data or deploy malware and spread from one system to another. It is named after the first worm released on the Internet in 1988. “What this basically means is that now you have the ability to conduct a new type of cyber attack that has never happened before,” said Ben Nassi, a technology researcher at Cornell University.

According to reports, the AI worm can defeat some security measures in ChatGPT and Gemini by attacking generative AI email assistants, with the goal of stealing email data and sending spam.

The researchers used an “adversarial self-replicating prompt” to build the AI worm. According to them, this prompt causes the generative AI model to output further prompts in its response. To test it, the researchers created an email system that can send and receive messages using generative AI and connected it to ChatGPT, Gemini, and an open-source LLM. They found two ways to exploit the system: using a text-based self-replicating prompt, and embedding a prompt in an image file.

In one case, the researchers took on the role of an attacker and sent an email containing an adversarial text prompt. This “poisoned” the email assistant’s database by leveraging retrieval-augmented generation (RAG), which allows the LLM to pull in additional data from outside the system. Mr. Nassi said RAG “jailbreaks the GenAI service” when it retrieves emails in response to user queries and sends them to GPT-4 or Gemini Pro to generate a response. This ultimately results in email data being stolen.

“The generated responses containing sensitive user data are then used to reply to emails sent to new clients and then stored in the new clients’ databases, thereby infecting new hosts,” he added.
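The spread described above depends on the assistant copying text from a retrieved email into the reply it sends out. The following is an added example, not code from the researchers or from any vendor, of an outbound check that holds a draft reply when it repeats a long verbatim run from any retrieved email; the function names, the 12-token threshold and the sample messages are assumptions constructed for illustration.

```python
import re

def _tokens(text):
    # Lowercased word tokens, so case and whitespace changes do not hide a copy.
    return re.findall(r"[a-z0-9']+", text.lower())

def longest_shared_run(source, reply):
    """Length, in tokens, of the longest token sequence present in both texts."""
    a, b = _tokens(source), _tokens(reply)
    best = 0
    prev = [0] * (len(b) + 1)
    for i in range(1, len(a) + 1):
        cur = [0] * (len(b) + 1)
        for j in range(1, len(b) + 1):
            if a[i - 1] == b[j - 1]:
                cur[j] = prev[j - 1] + 1   # extend the run ending at (i-1, j-1)
                best = max(best, cur[j])
        prev = cur
    return best

def check_reply(retrieved_emails, draft_reply, max_run=12):
    """Return (allowed, worst_run, index of the most-copied email or None)."""
    worst, idx = 0, None
    for n, email in enumerate(retrieved_emails):
        run = longest_shared_run(email, draft_reply)
        if run > worst:
            worst, idx = run, n
    return worst <= max_run, worst, idx

# Constructed sample data. PLACEHOLDER stands in for a self-replicating
# payload; the check is content-agnostic, so no real payload is needed.
PLACEHOLDER = ("placeholder paragraph standing in for text that tells the "
               "assistant to repeat this whole paragraph word for word in "
               "every reply it drafts")
RETRIEVED = [
    "Hi, can we move the budget review to Thursday at 3pm? Thanks, Dana",
    "Quick question about the invoice. " + PLACEHOLDER,
]
BENIGN_REPLY = "Sure, Thursday at 3pm works for the budget review."
INFECTED_REPLY = "Thanks for your note. " + PLACEHOLDER + " Regards."

if __name__ == "__main__":
    print(check_reply(RETRIEVED, BENIGN_REPLY))
    print(check_reply(RETRIEVED, INFECTED_REPLY))
```

A verbatim-overlap check does not catch paraphrased or image-embedded payloads, so it complements rather than replaces treating retrieved email as untrusted input.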

For the second method, the researchers mention, “By encoding self-replication cues into the image, any image containing spam, abusive material, or even propaganda can be further forwarded to new customers after the initial email is sent.”

A video demonstrating the findings shows the email system repeatedly forwarding messages. The researchers said they were also able to access email data. “It could be a name, a phone number, a credit card number, an SSN, anything that’s considered confidential,” Mr. Nassi said.

The researchers also warned of “poor architectural design” in AI systems and reported their observations to Google and OpenAI. A spokesperson for OpenAI told the media: “They appear to have found a way to exploit a hint injection type of vulnerability by relying on unchecked or sanitized user input.” The spokesperson added that the company is working to make its systems “more resilient” and that developers should “use methods that ensure they do not use harmful input.”

Google declined to comment for this story.
