all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

ChatGPT Custom Instructions: Persistent Data Exfiltration Demo

Add to bookmarks
e
July 24, 2023, 2:26 p.m. |

Embrace The Red embracethered.com

ChatGPT is vulnerable to data exfiltration via image markdown injections. This. is. pretty well known.
As more features are added to ChatGPT the exfiltration angle becomes more likely to be abused.
Recently OpenAI added Custom Instructions, which allow to have ChatGPT always automatically append instructions to every message exchange.
An adversary can abuse this feature to install a data exfiltration backdoor that depends on, and only works because of the image markdown injection vulnerability.

abuse adversary chatgpt data data exfiltration demo exchange exfiltration features image message openai persistent vulnerable

Visit resource

More from embracethered.com / Embrace The Red

Em
Bobby Tables but with LLM Apps - Google NotebookML Data Exfiltration 2 weeks, 2 days ago | embracethered.com
apps can chat control +19
Em
HackSpaceCon 2024: Short Trip Report, Slides and Rocket Launch 2 weeks, 4 days ago | embracethered.com
center class conference dave +14
Em
Google AI Studio Data Exfiltration via Prompt Injection - Possible Regression and Fix 3 weeks, 3 days ago | embracethered.com
data data exfiltration discipline easier +14
Em
The dangers of AI agents unfurling hyperlinks and what to do about it 4 weeks ago | embracethered.com
agents ai agents ai chatbots attackers +11
Em
ASCII Smuggler - Improvements 1 month, 3 weeks ago | embracethered.com
ascii decode decoding end +11
Em
Who Am I? Conditional Prompt Injection Attacks with Microsoft Copilot 1 month, 4 weeks ago | embracethered.com
applications attackers attacks building +23
Em
Google Gemini: Planting Instructions For Delayed Automatic Tool Invocation 2 months, 1 week ago | embracethered.com
attacker automatic bard called +11
Em
ChatGPT: Lack of Isolation between Code Interpreter sessions of GPTs 2 months, 2 weeks ago | embracethered.com
bug chatgpt code disclosure +11
Em
Video: ASCII Smuggling and Hidden Prompt Instructions 2 months, 2 weeks ago | embracethered.com
ascii beyond block call +8

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Social Engineer For Reverse Engineering Exploit Study

@ Independent study | Remote
View on infosec-jobs.com

Security Engineer II- Full stack Java with React

@ JPMorgan Chase & Co. | Hyderabad, Telangana, India
View on infosec-jobs.com

Cybersecurity SecOps

@ GFT Technologies | Mexico City, MX, 11850
View on infosec-jobs.com

Senior Information Security Advisor

@ Sun Life | Sun Life Toronto One York
View on infosec-jobs.com

Contract Special Security Officer (CSSO) - Top Secret Clearance

@ SpaceX | Hawthorne, CA
View on infosec-jobs.com

Early Career Cyber Security Operations Center (SOC) Analyst

@ State Street | Quincy, Massachusetts
View on infosec-jobs.com
View more jobs