Researchers have developed a new AI worm called “Morris II,” named after the infamous 1988 internet worm. This AI worm poses a significant threat, capable of stealing confidential data, spreading malware, and even bypassing security measures in popular AI chatbots like ChatGPT and Gemini.
According to the research paper, Morris II can exploit vulnerabilities in AI-powered email assistants. By manipulating prompts, the worm can trick the assistant into revealing sensitive information like social security numbers and credit card details. Additionally, it can spread itself through these compromised assistants, infecting other email clients.
The worm’s self-replicating nature allows it to navigate through AI systems undetected. It utilizes two primary methods:
- Text Prompt: Extra data is injected into the assistant’s prompt, which is then processed by large language models like GPT-4 or Gemini Pro. This manipulated prompt exploits vulnerabilities in the AI system, enabling data theft.
- Image Prompt: A malicious prompt is embedded within an image. When the email assistant encounters this image, it automatically forwards infected messages, spreading the worm further.
The researchers promptly informed both OpenAI (creators of ChatGPT) and Google (creators of Gemini) of their findings. While Google has not responded publicly, OpenAI acknowledged the issue and emphasized their efforts to strengthen their systems’ security. They also advised developers to implement methods to identify and avoid harmful user inputs.
India Gears Up to Be Global Leader in Medical Device & Pharma Exports. Read More
