Newsletter IconFacebook IconX IconThreads IconInstagram IconYouTube IconPinterest Icon
Giveaway: Win an NZXT H6 RGB+ Case, Kraken Elite AIO, RGB Fans and 1200W PSU

Researchers create never-before-seen cyberattack using generative AI

A team of researchers created a new type of computer 'worm' that enabled its creators to perform a never-before-seen, concerning cyberattack.

Researchers create never-before-seen cyberattack using generative AI
Comments
Tech and Science Editor
Published
Updated
1 minute & 15 seconds read time
Voice: Jak Connor
0:00 / --:--
Use left and right arrow keys to seek audio.

Researchers are warning that it's only a matter of time before AI-powered malware, such as the "worm" they created, is discovered in the wild.

Researchers create never-before-seen cyberattack using generative AI 262626

The team behind the new malware published a paper that is yet-to-be-peer-reviewed that details the creation of a new type of malware that targets AI-powered email assistants. The researchers conducted their experiment in a closed-circuit environment and found that their malware, or "worm," was capable of targeting email assistants powered by popular language models such as OpenAI's GPT-4, Google's Gemini Pro, and LLaVA.

The result was the worm infecting these email assistants, obtaining sensitive user information, and then sending out spam emails that can infect other PCs, replicating the same process. So, how does it work? The researchers used an "adversarial self-replicating prompt" that forces the targeted AI model to create another prompt within its response. Essentially, the target AI assistant receives a prompt, generates a response, and within that response is another prompt.

This method creates a domino effect, and since these AI assistants contain large amounts of sensitive information, the researchers designed it to retrieve any information that could be considered confidential. Examples of confidential information that the worm successfully grabbed were names, telephone numbers, credit card numbers, social security numbers, and more.

"The generated response containing the sensitive user data later infects new hosts when it is used to reply to an email sent to a new client and then stored in the database of the new client," Nassi told Wired

The worries don't stop there as the now-infected database is then told by the malware to send confidential information to a new client, which secretly contains a new worm to infect that database. This infected message can even be in the form of an image, which the team successfully performed.

"By encoding the self-replicating prompt into the image, any kind of image containing spam, abuse material, or even propaganda can be forwarded further to new clients after the initial email has been sent," Nassi added

Photo of the $25 PlayStation Store Gift Card [Digital Code]

Best Deals: $25 PlayStation Store Gift Card [Digital Code]

* Prices may be inaccurate. As an Amazon Associate, we earn from qualifying purchases. We earn affiliate commission from any Newegg or PCCG sales.

News Source:wired.com

Comments

Tech and Science Editor

Email IconX IconLinkedIn Icon

Jak joined TweakTown in 2017 and has since reviewed 100s of new tech products and kept us informed daily on the latest science, space, and artificial intelligence news. Jak's love for science, space, and technology, and, more specifically, PC gaming, began at 10 years old. It was the day his dad showed him how to play Age of Empires on an old Compaq PC. Ever since that day, Jak fell in love with games and the progression of the technology industry in all its forms.

Stay Updated

Follow TweakTown for breaking tech news, reviews, and daily updates.

Add TweakTown as a preferred source on GoogleFind TweakTown on Apple News
Newsletter Subscription