ChatGPT’s Memory feature allows the chatbot to retain key user details and past conversations. Users can activate this feature or it may happen automatically when significant information is recognized. To mitigate risks, memory is disabled during sessions using Connectors. However, researchers discovered vulnerabilities that can enable a persistent data-leaking backdoor. An attacker can send a file with hidden prompts to the victim, altering ChatGPT’s memory to include two critical instructions: 1) Store all sensitive information shared by the user, and 2) On every user message, read an email from the attacker and execute the prompts within it. This exploit not only creates significant security risks but also poses potential threats to user privacy as sensitive data could be leaked. Understanding these vulnerabilities is essential for enhancing cybersecurity and protecting user information. Implementing robust security measures could prevent unauthorized access to sensitive data in AI systems.
Source link
