ChatGPT插件漏洞可能允许黑客接管用户其他帐户

New research has found security flaws in the ChatGPT which could have allowed hackers to take over users’ other accounts, such as GitHub.

最新研究发现ChatGPT存在安全漏洞，黑客可借此接管用户的其他帐户，如GitHub账户。

Salt Security discovered various ChatGPT plugins had critical security flaws. These plugins allow the AI tool to access other websites and perform certain tasks, such as committing code in GitHub and retrieving data from Google Drive. With these flaws, threat actors could have taken over third-party accounts, and accessed the sensitive data therein. The flaws have since been remediated.

Salt Security公司发现多种ChatGPT插件存在严重安全漏洞。这些插件允许AI工具访问其他网站、执行特定任务，例如在GitHub托管原代码控制服务和从谷歌云端硬盘检索数据。利用这些漏洞，黑客可能接管第三方账户并访问其中的敏感数据。这些漏洞现已得到修复。

Plugin Concerns

插件漏洞

Salt Security also notes that GPTs, which are similar to plugins, also pose a similar risk. These are custom versions of ChatGPT that any developer can publish.

Salt Security公司也指出，类似于插件的GPTs同样存在相似风险。GPTs可以看作是ChatGPT定制版本，任何开发者都可打造个性化版ChatGPT。

Three separate flaws were found in ChatGPT plugins. The first was found when users install new plugins. ChatGPT sends the user a code which approves the installation. However, bad actors could have sent users a code that approves a malicious plugin instead.

ChatGPT插件共发现了三个独立的漏洞。首个漏洞存在于用户安装新插件的过程中。ChatGPT向用户发送一串代码，以允许下载安装。然而，黑客可能会给用户发送一串代码，用以安装恶意插件。

The second was found in PluginLab, a site used to develop ChatGPT plugins. The site failed to properly authenticate user accounts, which again could have let hackers take them over. One of the plugins affected by this was “AskTheCode,” which integrates between ChatGPT and GitHub.

第二个漏洞存在于PluginLab网站，该网站用于验证、分析ChatGPT插件。如果该网站未能正确验证用户账户，这可能会让黑客接管这些账户。”AskTheCode”插件便受此影响，该插件用于ChatGPT与GitHub仓库进行交互。

The third was found within several plugins, and involved OAuth redirection manipulation. This could have allowed for account takeover as well. Since URLs were not validated by the plugins, attackers could have sent malicious links to users, used to steal their credentials.

第三个漏洞发现在几个插件中，涉及开放授权（OAuth）协议中的重定向机制进行操纵。这也可能导致黑客接管账户。由于插件未对统一资源定位符（URLs）进行验证，网络不法分子可能向用户发送恶意链接、窃取用户凭据。

Salt Security says it followed procedure once it discovered the flaws and notified OpenAI and the other affected parties. It claims that the issues were fixed quickly, and that it was no evidence of exploit in the wild.

Salt Security公司表示，一旦公司发现这些漏洞，就会按程序通知OpenAI及其他相关方。Salt Security公司称这些问题迅速得到解决，并且没有迹象表明有人已经利用这些漏洞进行攻击。