HomeRisk ManagementsA Self-Propagating Worm Developed for Targeting Generative AI Systems

A Self-Propagating Worm Developed for Targeting Generative AI Systems

Published on

spot_img

Researchers have recently unveiled a groundbreaking development in the field of cybersecurity – a computer worm named “Morris II” that specifically targets generative AI (GenAI) applications in order to spread malware and steal personal data. This new innovation has raised serious concerns about the potential vulnerabilities within GenAI ecosystems and the need for increased security measures to protect sensitive information.

The research paper detailing the capabilities of Morris II highlights the use of adversarial self-replicating prompts to infiltrate GenAI systems and manipulate them into delivering harmful payloads to other agents. This passive method of propagation, known as “0-click propagation,” allows the worm to move seamlessly to new targets within the GenAI network without the need for further intervention from cyber attackers.

One key component of the GenAI ecosystem that Morris II exploits is the retrieval augmented generation (RAG) application, which enables GenAI models to access and query additional sources of data when formulating responses. By leveraging the RAG functionality, the worm is able to extract sensitive user data, such as emails, addresses, and phone numbers, from the context provided in queries, ultimately compromising user privacy and security.

The researchers behind Morris II, hailing from the Israel Institute of Technology, Intuit, and Cornell Tech, emphasize the importance of recognizing the inherent threats posed by the underlying GenAI layer in these systems. They stress the critical need for incorporating security considerations into the design and implementation of GenAI-powered applications to prevent malicious activities like those facilitated by Morris II.

The study conducted by the research team showcases the effectiveness of Morris II in targeting GenAI-powered email assistants through two primary use cases – spamming and exfiltrating personal data. The worm was tested against three different GenAI models – Google’s Gemini Pro, OpenAI’s ChatGPT 4.0, and the open-source large language model LLaVA – to assess its capacity for carrying out malicious activities and spreading to new hosts.

In response to the growing threat posed by adversarial self-replicating prompts like Morris II, the researchers recommend implementing countermeasures to safeguard GenAI systems against potential attacks. These countermeasures include reframing output to prevent replication, implementing safeguards against jailbreaking techniques, and utilizing detection mechanisms to identify and prevent malicious propagation patterns associated with computer worms.

Ultimately, the emergence of Morris II underscores the importance of prioritizing cybersecurity within the realm of GenAI technology to ensure the safe and secure adoption of these advanced systems. By addressing vulnerabilities like those exposed by Morris II and implementing robust security measures, developers can protect GenAI ecosystems from the pervasive threats posed by malicious actors in the digital landscape.

Source link

Latest articles

Patch Tuesday Summary: Microsoft Addresses Record 569 Vulnerabilities; SAP Resolves Critical Memory Corruption Issue

In a recent update, Thomas Fritsch, an esteemed SAP researcher at Onapsis, highlighted critical...

U.S. Sanctions First VPN Service and Malware Cryptor Seller for Ransomware Support

The U.S. Treasury Department’s Office of Foreign Assets Control (OFAC) has taken significant action...

US Sanctions Target VPN Services Supporting Ransomware Gangs

U.S. Treasury Department Targets Cybercriminal Infrastructure with Sanctions In a decisive move against cybercrime, the...

Microsoft is Mandating an Enterprise Shift to Passkeys

Navigating the Security Landscape: The Role of Passkeys in Enterprise Authentication As organizations continue to...

More like this

Patch Tuesday Summary: Microsoft Addresses Record 569 Vulnerabilities; SAP Resolves Critical Memory Corruption Issue

In a recent update, Thomas Fritsch, an esteemed SAP researcher at Onapsis, highlighted critical...

U.S. Sanctions First VPN Service and Malware Cryptor Seller for Ransomware Support

The U.S. Treasury Department’s Office of Foreign Assets Control (OFAC) has taken significant action...

US Sanctions Target VPN Services Supporting Ransomware Gangs

U.S. Treasury Department Targets Cybercriminal Infrastructure with Sanctions In a decisive move against cybercrime, the...