Hacker plants false memories in ChatGPT to steal user data in perpetuity


Emails, documents, and other untrusted content can plant malicious memories.

Within three months of the rollout, Rehberger found that memories could be created and permanently stored through indirect prompt injection, an AI exploit that causes an LLM to follow instructions from untrusted content such as emails, blog posts, or documents. The researcher demonstrated how he could trick ChatGPT into believing a targeted user was 102 years old, lived in the Matrix, and insisted Earth was flat and the LLM would incorporate that information to steer all future conversations. These false memories could be planted by storing files in Google Drive or Microsoft OneDrive, uploading images, or browsing a site like Bing—all of which could be created by a malicious attacker.