Is ChatGPT a Security Threat?

March 18, 2024 / meritsolutions

ChatGPT took the world by storm, and for good reason: The generative AI chatbot is capable of many feats, and continues to improve as more and more people test out how artificial intelligence can improve their productivity.

However, new research from Salt Labs suggests ChatGPT isn’t as secure as you might think: security flaws in ChatGPT itself, and in the ecosystem of third-party software around it, could enable bad actors to create and install malicious plugins without your knowledge or consent. Perhaps that’s part of the reason OpenAI is sunsetting ChatGPT plugins, the third-party tools that give ChatGPT extra functionality.

One of the flaws involves the OAuth workflow used to install a plugin. ChatGPT did not verify that the user had actually started the installation, so an attacker could send a victim a link that completes the flow and installs a plugin tied to the attacker’s own credentials. From then on the attacker can “intercept and exfiltrate all data” the victim shares with that plugin. Worse yet, a flaw in PluginLab, a framework used to build ChatGPT plugins, could allow zero-click takeover of user accounts, meaning the victim wouldn’t have to do anything at all to be attacked.

Finally, the researchers found an OAuth redirection manipulation bug in several plugins: by tampering with the redirect target of the OAuth flow, a bad actor could capture the victim’s credentials for the account behind the plugin.
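To make the two OAuth failures above concrete, here is an added example (not code from this article, Salt Labs, or OpenAI) of a toy plugin-installation client. It shows a callback handler that completes the install for whatever authorization code arrives, beside a hardened handler that requires a single-use state value the user’s own session issued, and an exact-match redirect URI check beside the prefix check that redirection bugs slip past. All hostnames, the `/aip/<plugin_id>/oauth/callback` path shape, and the codes are hypothetical, constructed stand-ins.

```python
# Added example: toy OAuth client-side checks for a plugin install flow.
# Hostnames, path shape and codes are hypothetical (not OpenAI's real ones).
import secrets
from dataclasses import dataclass, field
from urllib.parse import urlsplit, parse_qs, urlencode

# Exact redirect URIs registered with the authorization server (hypothetical).
REGISTERED_REDIRECT_URIS = frozenset({
    "https://chat.example.test/aip/plugin-abc/oauth/callback",
})


@dataclass
class Session:
    """One browser session of the user who is installing a plugin."""
    pending: dict = field(default_factory=dict)    # state -> plugin_id
    installed: dict = field(default_factory=dict)  # plugin_id -> auth code


def weak_redirect_check(redirect_uri: str) -> bool:
    """The kind of check redirection-manipulation bugs get past: a prefix
    match on the origin, which a look-alike host also satisfies."""
    return redirect_uri.startswith("https://chat.example.test")


def validate_redirect_uri(redirect_uri: str) -> bool:
    """Hardened: exact match against the registered set, nothing looser."""
    return redirect_uri in REGISTERED_REDIRECT_URIS


def start_install(session: Session, plugin_id: str, redirect_uri: str) -> str:
    """User clicks Install: mint a fresh state, remember it in *this*
    session, and build the authorization URL the browser is sent to."""
    if not validate_redirect_uri(redirect_uri):
        raise ValueError("redirect_uri is not registered")
    state = secrets.token_urlsafe(32)
    session.pending[state] = plugin_id
    query = urlencode({"client_id": plugin_id, "redirect_uri": redirect_uri,
                       "response_type": "code", "state": state})
    return f"https://auth.example.test/authorize?{query}"


def _parse_callback(callback_url: str):
    """Extract plugin id (assumed path shape /aip/<id>/oauth/callback) and query."""
    parts = urlsplit(callback_url)
    seg = parts.path.strip("/").split("/")
    plugin_id = seg[1] if len(seg) == 4 and seg[0] == "aip" else None
    return plugin_id, {k: v[0] for k, v in parse_qs(parts.query).items()}


def vulnerable_callback(session: Session, callback_url: str) -> str:
    """Models the reported flaw: install whatever code arrives, with no
    proof this user started the flow. A victim who clicks an attacker-built
    link ends up with a plugin bound to the attacker's account."""
    plugin_id, q = _parse_callback(callback_url)
    session.installed[plugin_id] = q["code"]
    return plugin_id


def hardened_callback(session: Session, callback_url: str) -> str:
    """Hardened: state must exist in this session, match the plugin in the
    path, and is burned on use so the link cannot be replayed."""
    plugin_id, q = _parse_callback(callback_url)
    state = q.get("state")
    if state is None or state not in session.pending:
        raise PermissionError("callback not tied to an install this session began")
    if session.pending.pop(state) != plugin_id:
        raise PermissionError("state was issued for a different plugin")
    session.installed[plugin_id] = q["code"]
    return plugin_id


def demo() -> dict:
    """Victim clicks an attacker-built callback link (constructed sample)."""
    cb = "https://chat.example.test/aip/plugin-abc/oauth/callback"
    attacker_link = cb + "?code=ATTACKER_CODE_0001"
    out = {}
    victim = Session()
    vulnerable_callback(victim, attacker_link)
    out["vulnerable_installed"] = dict(victim.installed)
    victim = Session()
    try:
        hardened_callback(victim, attacker_link)
        out["hardened_blocked"] = False
    except PermissionError:
        out["hardened_blocked"] = True
    # Legitimate flow: the user started it, so the state round-trips.
    auth_url = start_install(victim, "plugin-abc", cb)
    state = parse_qs(urlsplit(auth_url).query)["state"][0]
    good_link = f"{cb}?code=USER_CODE_0002&state={state}"
    hardened_callback(victim, good_link)
    out["legit_installed"] = dict(victim.installed)
    try:
        hardened_callback(victim, good_link)  # replay: state already burned
        out["replay_blocked"] = False
    except PermissionError:
        out["replay_blocked"] = True
    return out


if __name__ == "__main__":
    print(demo())
```

The point of the redirect check is that an authorization server comparing `redirect_uri` with anything looser than exact equality lets the authorization code be delivered to a host the attacker controls, which is the shape of the redirection bug described above.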

These are not the only security flaws we’ve seen in ChatGPT. In just the past few weeks, we learned about two cross-site scripting vulnerabilities that could have allowed bad actors to take over ChatGPT accounts.

While most of the remediation here falls to developers, users should still avoid third-party ChatGPT plugins where possible or, at the very least, vet a plugin (who publishes it and what data it asks for) before installing it.
