ChatGPT Jailbreak: Researchers Bypass AI Safeguards Using Hexadecimal Encoding and Emojis
-
New jailbreak technique tricked ChatGPT into generating Python exploits and a malicious SQL injection tool.
Malicious instructions encoded in hexadecimal format could have been used to bypass ChatGPT safeguards designed to prevent misuse.
The new jailbreak was disclosed on Monday by Marco Figueroa, gen-AI bug bounty programs manager at Mozilla, through the 0Din bug bounty program.
Launched by Mozilla in June 2024, 0Din, which stands for 0Day Investigative Network, is a bug bounty program focusing on large language models (LLMs) and other deep learning technologies.
0Din covers prompt injection, denial of service, training data poisoning, and other types of security issues, offering researchers up to $15,000 for critical findings. It’s unclear how much a jailbreak such as Figueroa’s would be worth.
AI chatbots such as ChatGPT are trained not to provide information that is potentially hateful or harmful. However, researchers have been finding various ways to bypass these guardrails through the use of prompt injection, which relies on various techniques to deceive the chatbot.
The jailbreak that Figueroa detailed in a blog post published on Monday on the 0Din website targets ChatGPT-4o and involves encoding malicious instructions in hexadecimal format.
Full article at:
https://www.securityweek.com/first-chatgpt-jailbreak-disclosed-via-mozillas-new-ai-bug-bounty-program/