Tuesday, December 17, 2024
HomeArtificial IntelligenceCritical ChatGPT Plugins Flaw Let Attackers Gain Control Over Organization’s Account

Critical ChatGPT Plugins Flaw Let Attackers Gain Control Over Organization’s Account

Published on

SIEM as a Service

Threat actors can exploit ChatGPT’s ecosystem for several illicit purposes, such as crafting prompts to generate malicious code, phishing lures, and disinformation content.

Even threat actors can exploit ChatGPT’s exceptional capabilities to craft and launch a multitude of sophisticated and stealthy cyberattacks.

Besides this, they can also exploit the vulnerabilities in ChatGPT extensions or plugins to gain unauthorized access to user data or external systems.

- Advertisement - SIEM as a Service

Recently, cybersecurity analysts at Salt Labs found generative AI to be a new attack vector. 

Threat actors could exploit vulnerabilities discovered in the ChatGPT ecosystem to access user accounts, even GitHub, with 0-click hacks.

Critical ChatGPT Plugins Flaw

At Salt Labs, researchers look at the familiar and choose ChatGPT as a starting point, assuming their results will have wider consequences for AI systems.

Document

Mitigating Vulnerability & 0-day Threats

Alert Fatigue that helps no one as security teams need to triage 100s of vulnerabilities.:

  • The problem of vulnerability fatigue today
  • Difference between CVSS-specific vulnerability vs risk-based vulnerability
  • Evaluating vulnerabilities based on the business impact/risk
  • Automation to reduce alert fatigue and enhance security posture significantly

AcuRisQ, that helps you to quantify risk accurately:

They only studied ChatGPT and found some flaws in its plugin ecosystem, where these plugins refine the networks to interact with external sources. 

Using such plugins gives rise to an unintentional risk of exposure of sensitive data, thereby allowing access to users’ accounts such as Google Drive and GitHub.

About Plugins in ChatGPT (Source – Salt Labs)

Research exposed three vulnerabilities, and here below we have mentioned them:- 

  • Malicious plugin installation on ChatGPT users
  • Critical or 0-click account takeovers across many plugins
  • OAuth redirection manipulation

However, the focus was on recurring vulnerabilities stemming from a lack of security awareness by developers.

Cybersecurity analysts urge OpenAI to prioritize security guidelines for plugin developers.

Researchers exposed an OAuth vulnerability, allowing attackers to manipulate victims into installing malicious ChatGPT plugins.

The attack mirrors traditional OAuth redirect manipulation, where attackers substitute their credentials during the authentication flow. 

OAuth authentication work (Source – Salt Labs)

When a user approves a new ChatGPT plugin, the approval code gets returned to OpenAI via a redirect URL.

An attacker could substitute this code with their own, tricking ChatGPT into installing the plugin on the victim’s behalf and granting access to messages and data. 

This recurrent OAuth vulnerability persists due to oversight by many developers who believe it is insignificant. Experts emphasize the severity of this flaw within ChatGPT’s plugin ecosystem.

You have to enforce a state parameter if you use OAuth and wish to guard against this situation.

State parameter (Source – Salt Labs)

Researchers exposed an account takeover vulnerability across numerous ChatGPT plugins built with PluginLab.AI, including AskTheCode. 

When users install these plugins and grant access to services like GitHub, the plugins create authenticated accounts storing the user’s credentials. 

Attackers could exploit an authentication bypass to obtain the victim’s “member ID” from PluginLab and then issue unauthorized requests using this ID to generate valid authorization codes. 

With these codes, attackers could hijack plugin sessions within ChatGPT and gain full access to connected private data, such as GitHub repositories.

The root cause was PluginLab’s failure to validate requests properly during the authentication flow. 

Moreover, cybersecurity analysts have indicated that GPTs have not yet fixed this issue altogether.

With Perimeter81 malware protection, you can block malware, including Trojans, ransomware, spyware, rootkits, worms, and zero-day exploits. All are incredibly harmful and can wreak havoc on your network.

Stay updated on Cybersecurity news, Whitepapers, and Infographics. Follow us on LinkedIn & Twitter.

Tushar Subhra
Tushar Subhra
Tushar is a Cyber security content editor with a passion for creating captivating and informative content. With years of experience under his belt in Cyber Security, he is covering Cyber Security News, technology and other news.

Latest articles

Cyber Criminals Exploit Windows Management Console to Deliver Backdoor Payloads

A recent campaign dubbed FLUX#CONSOLE has come to light, leveraging Microsoft Common Console Document (.MSC) files...

Texas Tech Systems Breach, Hackers Accessed System Folders & Files

The Texas Tech University Health Sciences Center (TTUHSC) and Texas Tech University Health Sciences...

Beware of Malicious Ads on Captcha Pages that Deliver Password Stealers

Malicious actors have taken cybercrime to new heights by exploiting captcha verification pages, a...

Hitachi Authentication Bypass Vulnerability Allows Attackers to Hack the System Remotely

Critical Authentication Bypass Vulnerability Identified in Hitachi Infrastructure Analytics Advisor and Ops Center Analyzer.A...

API Security Webinar

72 Hours to Audit-Ready API Security

APIs present a unique challenge in this landscape, as risk assessment and mitigation are often hindered by incomplete API inventories and insufficient documentation.

Join Vivek Gopalan, VP of Products at Indusface, in this insightful webinar as he unveils a practical framework for discovering, assessing, and addressing open API vulnerabilities within just 72 hours.

Discussion points

API Discovery: Techniques to identify and map your public APIs comprehensively.
Vulnerability Scanning: Best practices for API vulnerability analysis and penetration testing.
Clean Reporting: Steps to generate a clean, audit-ready vulnerability report within 72 hours.

More like this

CISA Warns of Adobe & Windows Kernel Driver Vulnerabilities Exploited in Attacks

The Cybersecurity and Infrastructure Security Agency (CISA) has issued a critical alert, adding two...

Hackers Exploiting Apache Struts2 Vulnerability to Upload Malicious Payloads

Hackers have begun exploiting a newly discovered vulnerability in Apache Struts2, a widely used...

Over 300,000 Prometheus Servers Vulnerable to DoS Attacks Due to RepoJacking Exploit

The research identified vulnerabilities in Prometheus, including information disclosure from exposed servers, DoS risks...