Memory Data Hording

Type: technique

Description: The adversary gets AI to commit malicious text into memory that instructs it to retain sensitive data in its memory in future threads, for future exfiltration.

Version: 0.1.0

Created At: 2024-10-03 22:24:49 +0300

Last Modified At: 2024-10-03 22:24:49 +0300

External References

--> Collection (tactic): An adversary that successfully infected one thread can get the AI system to collect information from other threads.
<-- Exfiltration of personal information from ChatGPT via prompt injection (procedure): Assuming we can execute 2 prompt injections, separated by some period of time (e.g., a month), we can use ChatGPT's memory feature to remember the desired value using the first prompt and extract it using the second prompt.

GenAI Attacks Matrix

Memory Data Hording

External References

Related Objects

Related Frameworks