A recent demonstration at the Black Hat USA conference showed how hackers can hijack Google’s Gemini AI bot to take control of smart home devices, including lights and thermostats. The attack began with a poisoned calendar invitation that included an invisible prompt injection, which was triggered when the researchers asked Gemini to summarize upcoming events. This highlighted the physical risk of hacking into AI systems, as these risks may soon become reality due to increasing connectivity between AI and daily life. Experts warn that integrating large language models (LLMs) with machines like smart home devices requires securing LLMs to prevent safety and privacy issues. Google has taken the vulnerabilities seriously, although they have not been exploited in the wild yet.
Source: https://www.darkreading.com/cyberattacks-data-breaches/google-gemini-ai-bot-hijacks-smart-homes