THREAT OPS › Threat News › Rogue Agent: How a Single Code Block Could Hijack Your AI Conversations in Google’s DialogFlow
Rogue Agent: How a Single Code Block Could Hijack Your AI Conversations in Google’s DialogFlow
<p>Varonis Threat Labs discovered a critical vulnerability in Google Cloud Platform’s (GCP) Dialogflow CX service, Google’s flagship conversational AI platform for building interactive experiences across voice and text chatbots. We’ve named this latest discovery Rogue Agent.</p> <p>The vulnerability allowed attackers to exploit the Code Blocks feature to inject persistent malicious code into the
MITRE ATT&CK techniques
Indicators of compromise
- 18d50060648b653f1c611739651f64a1md5
- track.hubspot.comdomain
- 2fwww.varonis.comdomain
- 252fwww.varonis.comdomain
Original source: https://www.varonis.com/blog/rogue-agent-dialogflow-attack