Massive Data Exfiltration Techniques with Coze

The Limitations of Direct Image/Markdown URL Data Exfiltration

During an Indirect Prompt Injection attack, an adversary can exfiltrate chat data from a user by instructing the chatbot to render images and append information to the URL (Image Markdown Injection), or by tricking the user into clicking a hyperlink, like this. However, this method is similar to […]

LLM Apps Plug-in DDoS Risk: Don't Get Stuck in an Infinite Loop!

What happens if an attacker calls an LLM tool or plug-in recursively during an Indirect Prompt Injection? Could this be an issue that drives up costs, or a way to DoS a system? I tried it with Coze, and it indeed works: the chatbot enters a loop! 😄 However, for Coze users this isn’t really a threat, […]