- Google won’t fix Gemini’s ASCII smuggling flaw, calling it a social engineering problem on the user’s side
- Attackers hide malicious prompts in invisible email text that Gemini reads during summarization
- Gemini’s integration with Workspace apps makes it vulnerable to phishing attacks triggered by hidden prompts
A recently discovered “ASCII smuggling attack” will not get a fix in Google’s Gemini artificial intelligence tool. The company has said that it is not a security issue but rather a social engineering tactic, and as such the responsibility falls on the end user.
This is according to Viktor Markopoulos, a security researcher at FireTail who demonstrated the risks these attacks pose to Gemini users but was apparently rejected by the company.
ASCII smuggling is a type of attack in which crooks trick victims into having their AI tools run a malicious prompt that puts their computers and data at risk. The trick works by “smuggling”, or hiding, the prompt in plain sight, for example by having the AI read text that is invisible to the human in front of the screen.
Smuggling prompts
In the early years of AI, this was not much of a problem because the user needed to open the AI tool and type (or copy/paste) the prompt themselves. However, a lot has changed since then, and many AI tools are now integrated with other apps and platforms.
For example, Gemini is now integrated with Google Workspace and can extract data from Sheets, generate text in Docs, and read and summarize emails.
This last point is crucial here. As Markopoulos demonstrated, a threat actor could send a phishing email that looks completely legitimate on the surface.
However, it also comes with a malicious prompt written in font size 0, in white, on a white background, so the reader doesn’t even see it. But when the victim asks Gemini to summarize the email, the tool also reads the prompt and responds to it.
This prompt might make Gemini show a message that says “Your computer is compromised, call Google to mitigate the threat immediately,” or a similar message, as is standard in phishing tricks.
Even more ominously, the prompt could force different AI agents to exfiltrate sensitive data from the inbox. All it takes is a simple, benign command from the user to summarize or read the contents of the email.
Via BleepingComputer



