SEO Summary:
Trail of Bits has uncovered a new vulnerability in AI systems, leveraging image downscaling to execute stealthy prompt injection attacks that allow data exfiltration from platforms like Google’s Gemini CLI, Vertex AI Studio, and Google Assistant. By exploiting resampling algorithms such as bicubic and bilinear interpolation, attackers can embed malicious commands within high-resolution images. These commands remain invisible to users until the images are downscaled, creating a dangerous disconnect between display and model interpretation. The researchers demonstrated successful attacks using their open-source tool, Anamorpher, which crafts adversarial images targeting specific downscaling methods. They recommend limiting upload dimensions, displaying processed inputs, enforcing user confirmation for sensitive actions, and adopting secure-by-design practices to mitigate risks. As mobile and edge devices are more vulnerable due to stringent image processing, ongoing vigilance is crucial. For ongoing updates, follow us on X/Twitter and LinkedIn for more insights.
