Researchers have discovered an unexpected scenario for using the memory feature in ChatGPT.
A vulnerability has been discovered in the ChatGPT macOS app that allows attackers to install spyware by exploiting the AI memory feature. Experts called this technique SpAIware and noted that it provides constant data leakage, including information entered by users or obtained in chats.
According to security researcher Johan Rechberger, the vulnerability exploits a memory feature that OpenAI added to ChatGPT in February and then expanded to all users, including free and paid versions. This feature allows the chatbot to "remember" certain data from different chats so that users do not have to repeat the same information.
However, as it turns out, this mechanism can be used to inject malicious instructions into the system's memory, allowing potential hackers to carry out espionage activity in all new chats by sending sensitive user information to a controlled server. It is enough just to force the user to go to a malicious site or download a file containing hidden commands for the ChatGPT application.
After the vulnerability was disclosed, OpenAI released the ChatGPT update version 1.2024.247, which eliminated the possibility of a data breach. Experts urge users to regularly check the information stored in ChatGPT's memory to remove suspicious or incorrect data.
Rechberger also noted that this case clearly demonstrates the risks associated with long-term data storage, both in terms of disinformation and possible interaction with the attackers' servers.
Thus, even useful features such as memory can become a potential threat if not paid due attention to security issues. Users should be careful about what data they trust with such services, and developers should promptly fix any vulnerabilities to minimize risks to data privacy and security.
Source
A vulnerability has been discovered in the ChatGPT macOS app that allows attackers to install spyware by exploiting the AI memory feature. Experts called this technique SpAIware and noted that it provides constant data leakage, including information entered by users or obtained in chats.
According to security researcher Johan Rechberger, the vulnerability exploits a memory feature that OpenAI added to ChatGPT in February and then expanded to all users, including free and paid versions. This feature allows the chatbot to "remember" certain data from different chats so that users do not have to repeat the same information.
However, as it turns out, this mechanism can be used to inject malicious instructions into the system's memory, allowing potential hackers to carry out espionage activity in all new chats by sending sensitive user information to a controlled server. It is enough just to force the user to go to a malicious site or download a file containing hidden commands for the ChatGPT application.
After the vulnerability was disclosed, OpenAI released the ChatGPT update version 1.2024.247, which eliminated the possibility of a data breach. Experts urge users to regularly check the information stored in ChatGPT's memory to remove suspicious or incorrect data.
Rechberger also noted that this case clearly demonstrates the risks associated with long-term data storage, both in terms of disinformation and possible interaction with the attackers' servers.
Thus, even useful features such as memory can become a potential threat if not paid due attention to security issues. Users should be careful about what data they trust with such services, and developers should promptly fix any vulnerabilities to minimize risks to data privacy and security.
Source
