Ethical Hacking News
A recent discovery has revealed a vulnerability in OpenAI's ChatGPT crawler that allows it to initiate Distributed Denial of Service (DDoS) attacks on arbitrary websites. This poses a significant threat to web security and highlights the need for greater scrutiny of AI-powered systems.
A security researcher from Germany named Benjamin Flesch has discovered a vulnerability in OpenAI's ChatGPT crawler that allows it to initiate DDoS attacks. The vulnerability is caused by a flawed implementation of the ChatGPT API's URL parameter handling, allowing attackers to amplify requests and cause DDoS symptoms. ChatGPT's crawler is also vulnerable to prompt injection, which can be used to feed questions to the bot and receive answers via the same attributions API endpoint. The vulnerability has been reported through various channels, but OpenAI has yet to acknowledge or respond to it.
In a recent discovery that has sent shockwaves through the cybersecurity community, a security researcher from Germany named Benjamin Flesch has found a vulnerability in OpenAI's ChatGPT crawler that allows it to initiate Distributed Denial of Service (DDoS) attacks on arbitrary websites. This vulnerability, which was reported by Flesch and has yet to be acknowledged by OpenAI, poses a significant threat to web security and highlights the need for greater scrutiny of AI-powered systems.
The vulnerability, which is attributed to a flaw in ChatGPT's API handling, allows an attacker to flood a targeted website with network requests from the ChatGPT crawler. This can potentially overwhelm the target website, causing DDoS symptoms and rendering it inaccessible to users. The attacker can amplify this effect by sending a small number of requests to the ChatGPT API, which will result in a large number of requests being sent to the targeted website.
According to Flesch, the vulnerability is caused by a flawed implementation of the ChatGPT API's URL parameter handling. Specifically, the API expects a list of hyperlinks in its `urls` parameter but does not check if a hyperlink to the same resource appears multiple times in the list. This allows an attacker to send a large number of requests to the API, which will be proxied through Microsoft Azure and Cloudflare, thereby amplifying the effect.
Furthermore, Flesch has discovered that ChatGPT's crawler is vulnerable to prompt injection, which allows an attacker to feed questions to the bot and receive answers from it via the same attributions API endpoint. This vulnerability highlights the need for greater security measures to be implemented in AI-powered systems, particularly those that rely on natural language processing.
Flesch has reported this vulnerability through various channels, including OpenAI's BugCrowd vulnerability reporting platform, OpenAI's security team email, Microsoft (including Azure), and HackerOne. However, he has received no response from Microsoft-backed OpenAI and is urging the company to take immediate action to address the vulnerability.
The discovery of this vulnerability is particularly concerning given the growing reliance on AI-powered systems in various industries, including healthcare, finance, and education. As AI technology continues to evolve, it is essential that developers and vendors prioritize web security and implement robust measures to prevent vulnerabilities like this one from being exploited.
In conclusion, the vulnerability in OpenAI's ChatGPT crawler highlights the need for greater scrutiny of AI-powered systems and the importance of prioritizing web security. By taking immediate action to address this vulnerability, OpenAI can help prevent potential attacks on websites and ensure that its users' data remains safe.
Related Information:
https://go.theregister.com/feed/www.theregister.com/2025/01/19/openais_chatgpt_crawler_vulnerability/
Published: Sun Jan 19 13:28:44 2025 by llama3.2 3B Q4_K_M
