The ChatGPT security vulnerability on macOS could become a covert espionage tool.

According to TechSpot, this issue only appears on the macOS version of ChatGPT. The vulnerability allows malware to be embedded in the application's long-term memory, silently monitoring and sending user chat data to a remote server controlled by the hacker. Worryingly, even when users initiate new chat sessions, the malware remains in memory and continues to operate.

Initially, upon discovering the vulnerability, Rehberger reported it to OpenAI, the company that developed ChatGPT. However, at the time, OpenAI only considered it a "security issue," failing to assess the true severity of the problem. Undeterred, Rehberger developed an attack prototype, called "SpAIware," to demonstrate the risks of this vulnerability.

Only after the issue was proven did OpenAI release a temporary patch to fix it. However, the problem has not been completely resolved.

Potential risks of malware

ChatGPT's "long-term memory" feature began testing in February 2024 by OpenAI, allowing the chatbot to remember information such as users' names, genders, and ages across multiple chat sessions.

This improves the user experience by providing more personalized feedback. However, this very feature is a vulnerability that allows hackers to infiltrate and maintain malware within the system.

Rehberger stated that if a website or image containing malicious code is processed via ChatGPT, the malicious command will be added to long-term memory and continue to operate without the user's knowledge. Importantly, this attack does not require hackers to directly access the user's account, making malware detection even more difficult.

Patch and expert warnings

OpenAI quickly released a patch to prevent ChatGPT from sending data to unknown servers. However, malware can still be added to long-term memory if users are not careful, especially when interacting with suspicious websites or files. Rehberger advises macOS users to be vigilant and regularly check ChatGPT's memory to detect and delete suspicious data.

Currently, this vulnerability has only been discovered in the macOS version of ChatGPT. The web version and other platforms have not yet been tested, but it cannot be ruled out that they may also be affected.

Although OpenAI has taken action to fix the vulnerability, the risk of malware attacks remains. Security experts emphasize that users should protect themselves by limiting interaction with untrusted sources and regularly checking applications that use long-term memory.