- Google will not fix the defect of smuggling of ASCII from Gemini, the appellant a problem of social engineering on the user side
- The attackers hide malicious prompts in the invisible messaging text that Gemini read during the summary
- The integration of Gemini with workspace applications makes it vulnerable to phishing attacks triggered by an invitation
A “recently detected ASCII” smuggling attack will not receive a correction in the artificial intelligence tool for Gemini de Google, said the company – saying that it is not a security problem but rather a social engineering tactic and as such, the responsibility is the responsibility of the end user.
It is according to Viktor Markopoulos, a security researcher in Firetail, who has demonstrated the risks that these attacks put in Gemini users, but have apparently been rejected by the company.
Ascii’s smuggling is a type of attack in which the crooks encourage victims to invite their IA tool a malicious order which puts their computers and their data in danger. The trick works in “smuggling” or by hiding, invites him to sight, for example, having the reading text of the invisible AI human behind the screen.
Smuggler
In the first years of AI, it was not really a problem, because the user had to reveal the AI and type tool (or copy / paste) invites him themselves. However, many things have changed since then and many AI tools have now been integrated into other applications and platforms.
Gemini, for example, is now integrated into Google Workplace, which can remove the data from the sheets, generate text in documents and read and summarize the emails.
This last point is crucial here. As Markopoulos has demonstrated, a threat actor could send a phishing email which, on the surface, seems completely legitimate.
However, it is also delivered with a malicious prompt written in Font 0, in white, on a white background, so that the reader does not even see it. But when the victim asks Gemini to summarize the email, the tool also reads and responds to it.
This prompt could be to display a saying message “Your computer is compromised, call Google to alleviate the threat immediately”, or a similar, standard message to phishing tips.
Even more worrying, the prompt could force different AI agents to exfiltrate sensitive data from the reception box. All you need is a simple and benign user command, to summarize or read the content of the email.
Via Bleeping Compompute
Follow Techradar on Google News And Add us as a favorite source To get our news, criticisms and expert opinions in your flows. Be sure to click on the follow!
And of course, you can also Follow Techradar on Tiktok For news, criticism, unpacking in video form and obtain regular updates to us on Whatsapp Also.
