ChatGPT’s hidden outbound channel leaks user data: OpenAI has reportedly fixed a parallel bug in ChatGPT that goes beyond credential theft. Check Point researchers uncovered a hidden outbound communication path in ChatGPT’s code execution runtime that could be triggered with a single malicious prompt.This channel successfully bypassed the platform’s expected safeguards around external data sharing. Instead of requiring explicit user approval, the runtime could transmit data, such as chat messages, uploaded files, or generated outputs, to an external server without any visible alerts.CheckPoint researchers demonstrated crafting a prompt that leverages this behavior, allowing the runtime to package and transmit private chat data to an external server. Basically, a normal-looking conversation could be turned into a covert data exfiltration pipeline.The same mechanism could also be abused by a backdoored or malicious custom GPT, allowing it to siphon off sensitive information without user awareness, the researchers said, adding that the channel could potentially be used to establish remote shell access within the execution environment.While no active exploitation has been reported, the researchers note significant implications. OpenAI fixed the issue around the same time as the Codex flaw patching by tightening controls around outbound communication in the code execution environment.OpenAI did not immediately respond to CSO’s request for comments on either of the flaws.
First seen on csoonline.com
Jump to article: www.csoonline.com/article/4152393/openai-patches-twin-leaks-as-codex-slips-and-chatgpt-spills.html
