Just a year after OpenAI's internal AI secrets were stolen in a data breach, attackers are now exploiting a year-old security flaw in a ChatGPT web application. According to a SecurityWeek report, the vulnerability is being used to target financial institutions and US government agencies.
Cybersecurity company Veriti has flagged the surge in attacks, warning that cybercriminals are actively scanning the internet for vulnerable instances.
The vulnerability, CVE-2024-27564, is a server-side request forgery (SSRF) flaw in the PictureProxy.php file. The script fetches whatever the attacker-controlled URL parameter names, so an attacker can make the server issue requests it should never make, including to hosts that are only reachable from inside the network. The biggest concern? No authentication is required: an attacker can abuse the flaw without any credentials.
"Hackers exploited a vulnerability in ChatGPT's PictureProxy.php file, allowing over 10,000 attacks from one IP in a week."
Known weaknesses, now real threats
The issue was first reported in September 2023 and publicly disclosed a year ago. Since then, proof-of-concept (PoC) exploit code has been widely available, giving attackers ready-made tools to go after unpatched systems.
At least one threat actor has already added the exploit to its arsenal and is scanning the internet for vulnerable applications. In a single week, Veriti recorded more than 10,000 attack attempts from one IP address. The company warns that security misconfigurations could leave one in three targeted organizations at serious risk.
Who is being targeted?
The main targets are US government agencies and financial institutions, but this is not just a US problem. Banks and healthcare companies in Germany, Thailand, Indonesia, Colombia and the UK are also being hit.
“Banks and fintech companies rely on AI-driven services and API integrations, making them vulnerable to SSRF attacks that access internal resources or steal sensitive data,” Veriti said.
Why is this important?
The flaw is rated medium severity, but attackers treat it as an open door. They don't always need the biggest, flashiest exploits; one overlooked weakness is enough to gain access.
Organizations should patch affected systems immediately, review firewall and security configurations, and monitor logs for suspicious activity. Because an SSRF lets the server reach anything it can route to, it is also worth checking what the vulnerable host can talk to internally (cloud metadata services, admin interfaces, databases) and restricting that egress.
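The two practical points above, what a safe version of the proxy check looks like and how to spot probing in web server logs, can be shown in one piece of code. The following is an added example and is not code from the affected project or from Veriti. It assumes a hypothetical proxy whose `url` parameter is fetched server-side (as the article describes), a constructed DNS table (`DNS_STUB`) so that it runs offline, and constructed access log lines in Apache "combined" layout; the host names and IP addresses in it are made up for illustration.

```python
import ipaddress
import re
from collections import Counter
from urllib.parse import parse_qs, urlsplit

# Added example, not the affected project's code. The vulnerable pattern is
# "fetch whatever ?url= says"; check_proxy_target() is the guard that
# belongs in front of that fetch. scan_access_log() reuses the same guard
# to flag requests that an unpatched proxy would have served.

ALLOWED_SCHEMES = {"http", "https"}

# Constructed DNS table so the example runs offline. A real deployment would
# resolve with the system resolver and then connect to the checked IP rather
# than the hostname, so a rebinding answer cannot slip past the check.
DNS_STUB = {
    "cdn.example.com": ["93.184.216.34"],   # assumed public CDN host
    "intranet.corp.local": ["10.0.0.5"],    # assumed internal host
}


def resolve_stub(hostname):
    return DNS_STUB.get(hostname, [])


def is_internal_address(ip_text):
    """True for loopback, RFC 1918, link-local (cloud metadata), reserved
    and otherwise non-routable addresses, IPv4 or IPv6."""
    addr = ipaddress.ip_address(ip_text)
    return (addr.is_private or addr.is_loopback or addr.is_link_local
            or addr.is_reserved or addr.is_multicast or addr.is_unspecified
            or not addr.is_global)


def check_proxy_target(url, resolve=resolve_stub):
    """Return (allowed, reason). Fails closed on anything unexpected."""
    parts = urlsplit(url)
    if parts.scheme not in ALLOWED_SCHEMES:      # file://, gopher://, ...
        return False, "disallowed scheme '%s'" % parts.scheme
    host = parts.hostname
    if not host:
        return False, "no host"
    if parts.username is not None or parts.password is not None:
        return False, "userinfo in URL"          # http://cdn@127.0.0.1/ trick
    try:
        ips = [str(ipaddress.ip_address(host))]  # literal IPv4/IPv6 host
    except ValueError:
        ips = resolve(host)                      # a name: check every answer
        if not ips:
            return False, "unresolvable host"    # also catches http://2130706433/
    for ip in ips:
        if is_internal_address(ip):
            return False, "internal target %s" % ip
    return True, "ok"


# Apache/nginx "combined" access log layout; only the fields needed here.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<path>\S+) [^"]*" (?P<status>\d{3})'
)

# Constructed sample lines (not real traffic): one legitimate fetch, a burst
# of SSRF probes from a single source, then an unrelated request.
SAMPLE_LOG = """\
203.0.113.7 - - [17/Mar/2025:10:01:02 +0000] "GET /pictureproxy.php?url=https%3A%2F%2Fcdn.example.com%2Fa.png HTTP/1.1" 200 5120
198.51.100.9 - - [17/Mar/2025:10:01:03 +0000] "GET /pictureproxy.php?url=http%3A%2F%2F169.254.169.254%2Flatest%2Fmeta-data%2F HTTP/1.1" 200 312
198.51.100.9 - - [17/Mar/2025:10:01:04 +0000] "GET /pictureproxy.php?url=http%3A%2F%2F127.0.0.1%3A8080%2Fadmin HTTP/1.1" 200 1044
198.51.100.9 - - [17/Mar/2025:10:01:05 +0000] "GET /pictureproxy.php?url=file%3A%2F%2F%2Fetc%2Fpasswd HTTP/1.1" 200 2310
198.51.100.9 - - [17/Mar/2025:10:01:06 +0000] "GET /pictureproxy.php?url=http%3A%2F%2Fintranet.corp.local%2F HTTP/1.1" 200 800
203.0.113.7 - - [17/Mar/2025:10:02:00 +0000] "GET /index.php HTTP/1.1" 200 9000
"""


def scan_access_log(lines, resolve=resolve_stub, threshold=3):
    """Flag proxy requests whose url parameter fails the guard above and
    count offenders per source IP; returns (findings, noisy_sources)."""
    findings = []
    per_ip = Counter()
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue
        req = urlsplit(m.group("path"))
        if not req.path.lower().endswith("pictureproxy.php"):
            continue
        for target in parse_qs(req.query).get("url", []):   # already decoded
            allowed, reason = check_proxy_target(target, resolve)
            if not allowed:
                findings.append((m.group("ip"), target, reason))
                per_ip[m.group("ip")] += 1
    noisy = {ip: n for ip, n in per_ip.items() if n >= threshold}
    return findings, noisy


if __name__ == "__main__":
    for ip, target, reason in scan_access_log(SAMPLE_LOG.splitlines())[0]:
        print(ip, reason, target)
```

On the sample lines the scan reports four bad targets, all from 198.51.100.9: the cloud metadata address (link-local), a loopback admin port, a `file://` path, and an internal host name. Two caveats apply when adapting this: the allow/deny decision must be made on the resolved address that the fetch actually connects to (otherwise DNS rebinding or a redirect to an internal address bypasses the check), and a decoy-heavy scanner will spread probes over many source IPs, so the per-IP threshold is a convenience, not the detection itself.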
Veriti is blunt: "Ignoring medium-severity vulnerabilities is a costly mistake, especially for high-value financial organizations."
The whole picture
Cybercriminals don't need new vulnerabilities while old ones remain unpatched. The latest wave of attacks is a wake-up call for businesses that rely on AI-driven services. Security must be proactive, not reactive, because attackers aren't waiting.