Hidden Commands in Images Exploit AI Chatbots and Steal Data

Hidden commands in images can exploit AI chatbots, leading to data theft on platforms like Gemini through a new image scaling attack.

A newly discovered vulnerability in AI systems could allow hackers to steal private information by hiding commands in ordinary images. This discovery came from cybersecurity researchers at Trail of Bits, according to which they have found a way to trick AI models by exploiting a common feature: image downscaling. This attack, which has been named an “image scaling attack.”

A Hidden Problem with Images

AI models often automatically reduce the size of large images before processing them. This is where the vulnerability lies. The researchers found a way to create high-resolution images that appear normal to a human eye but contain hidden instructions that become visible only when the image is shrunk by the AI. This “invisible” text, a type of prompt injection, can then be read and ...