Microsoft's Bing chatbot AI is susceptible to several types of "prompt injection" attacks

Feb 13, 2023 · bing ·

Microsoft's AI-powered chatbot, Bing, is vulnerable to several types of malicious prompts. According to security researchers, malicious prompts could be used to extract sensitive information such as passwords, bank details and credit card numbers from unsuspecting users.

The vulnerability affects the chatbot in two ways. First, it can be exploited by entering a malicious prompt containing code for downloading executable files or scripts that are then executed on the user’s computer without their knowledge. Second, the malicious prompt can be used to access the URL associated with the prompt and launch phishing scams.

Researchers were able to demonstrate the vulnerability in a few different ways. The first involved sending the malicious prompt to a user, who then unknowingly downloads the malicious file. The second involved entering the malicious prompt into the chatbot and accessing the URL associated with it, which then led to JavaScript code execution. In both cases, the malicious prompt was able to successfully harvest data from the user.

Microsoft has been notified of the vulnerability and has since taken steps to address it. Microsoft also warned users that they should be aware of any suspicious activity when interacting with chatbots, and should not enter any personal information unless they are sure the source is trustworthy. Additionally, users should always be sure to keep their systems up to date with the latest security patches.

Overall, this security issue is a reminder that chatbots and other AI-driven systems are still vulnerable to malicious actors. It is important for users to protect themselves and their data by being aware of the potential risks and taking appropriate measures to ensure their safety.