Image: MLYearning
Northwestern University recently unveiled a critical vulnerability in custom Generative Pre-trained Transformers (GPTs).
Despite their versatility and adaptability, these advanced AI chatbots are prone to prompt injection attacks, risking exposure of sensitive information.
Custom GPTs, developed using OpenAI's ChatGPT and its GPT-4 Turbo Large Language Model, incorporate unique elements like specific prompts, datasets, and processing instructions for specialised tasks.
Image: Decrypt
However, these customisations and any confidential data used in their creation can be easily accessed by unauthorised parties.
An experiment by Decrypt demonstrated the ease of extracting a custom GPT's full prompt and confidential data through basic prompt hacking.
Testing over 200 custom GPTs, researchers found a high likelihood of such breaches, including the potential extraction of initial prompts and access to private files.
The study highlights two major risks: compromised intellectual property and breached user privacy.
Attackers can exploit the GPTs to either extract the core configuration and prompt ("system prompt extraction") or leak confidential training datasets ("file leakage").
Existing defences like defensive prompts prove ineffective against more sophisticated adversarial prompts.
The researchers argue for a more comprehensive approach to safeguard these AI models, emphasising that determined attackers can likely exploit current vulnerabilities.
The study calls on the AI community to develop stronger security measures, suggesting that simple defensive prompts are inadequate against such advanced exploitation techniques.
With the rising customisation of GPTs offering vast potential, this research serves as a critical reminder of the security risks involved.
Users are advised to exercise caution, especially with sensitive data, underscoring the need for enhanced AI security without compromising user privacy and safety.
The complete Northwestern University study is available for reading here.
Meme is a good strategy, a high-end local dog game, and a great general. Under the market, Solana, known as the "chain of downtime", finally, thanks to the unremitting efforts of the local dogs, "came out of the wall" and bravely climbed to new heights.
JinseFinanceBecause I am deeply engaged in legal services in the Web3 industry, I come into contact with the magical experiences of friends in the currency circle every day. They say that art comes from life, and the love and hatred in the currency circle are much more exciting than novels.
JinseFinanceSince the publication of the first in-depth research report on Gains Network on February 1, the price of GNS has risen from $4.64 to $6.2 in two weeks, achieving a staggering increase.
JinseFinanceA hacker's sale of KodexGlobal access threatens major tech and crypto firms, risking user data privacy and intensifying calls for enhanced security measures.
WeiliangExplore Luno, the cryptocurrency investment app revolutionizing digital finance. Learn about its features, security, and global impact in our comprehensive guide.
KikyoThe latest release transforms AI interactions by expanding the knowledge base to April 2023 and introducing support for 300-page documents.
JixuJinseFinanceThe financial regulator reportedly unintentionally included 650 names and email addresses in communications with blockchain firm Green as part of an investigation.
OthersThe American multinational fast food chain McDonald's has started accepting payments in Bitcoin and Tether in Switzerland's city of Lugana.
BitcoinistOpenSea, a leading NFT marketplace, has advised its users to exercise caution and avoid falling for phishing scams. The head ...
Bitcoinist