Incident 352: GPT-3-Based Twitter Bot Hijacked Using Prompt Injection Attacks

Description: Remoteli.io's GPT-3-based Twitter bot was shown being hijacked by Twitter users who redirected it to repeat or generate any phrases.

Tools

New Report New Response DiscoverView History

Entities

View all entities

Alleged: OpenAI developed an AI system deployed by , which harmed Stephan de Vries.

Incident Stats

Incident ID

352

Report Count

Incident Date

2022-09-15

Editors

Khoa Lam

Applied Taxonomies

MIT

MIT Taxonomy Classifications

Machine-Classified

Taxonomy Details

Risk Subdomain

2.2. AI system security vulnerabilities and attacks

Risk Domain

Privacy & Security

Entity

Human

Timing

Post-deployment

Intent

Intentional

Incident Reports

Reports Timeline

Evaluating the Susceptibility of Pre-Trained Language Models via Handcrafted Adversarial Examples

arxiv.org

Prompt injection attacks against GPT-3

simonwillison.net

Twitter pranksters derail GPT-3 bot with newly discovered “prompt injection” hack

arstechnica.com

GPT-3 'prompt injection' attack causes bot bad manners

theregister.com

arxiv.org · 2022

Recent advances in the development of large language models have resulted in public access to state-of-the-art pre-trained language models (PLMs), including Generative Pre-trained Transformer 3 (GPT-3) and Bidirectional Encoder Representati…

simonwillison.net · 2022

Riley Goodside, yesterday:

Exploiting GPT-3 prompts with malicious inputs that order the model to ignore its previous directions. pic.twitter.com/I0NVr9LOJq

- Riley Goodside (@goodside) September 12, 2022

Riley provided several examples. …

arstechnica.com · 2022

On Thursday, a few Twitter users discovered how to hijack an automated tweet bot, dedicated to remote jobs, running on the GPT-3 language model by OpenAI. Using a newly discovered technique called a "prompt injection attack," they redirecte…

theregister.com · 2022

In Brief OpenAI's popular natural language model GPT-3 has a problem: It can be tricked into behaving badly by doing little more than telling it to ignore its previous orders.

Discovered by Copy.ai data scientist Riley Goodside, the trick i…

Variants

A "variant" is an incident that shares the same causative factors, produces similar harms, and involves the same intelligent systems as a known AI incident. Rather than index variants as entirely separate incidents, we list variations of incidents under the first similar incident submitted to the database. Unlike other submission types to the incident database, variants are not required to have reporting in evidence external to the Incident Database. Learn more from the research paper.

Similar Incidents

By textual similarity

Did our AI mess up? Flag the unrelated incidents

Similar Incidents

By textual similarity

Did our AI mess up? Flag the unrelated incidents

Incident 352: GPT-3-Based Twitter Bot Hijacked Using Prompt Injection Attacks

Tools

Entities

Incident Stats

MIT Taxonomy Classifications

Incident Reports

Reports Timeline

Evaluating the Susceptibility of Pre-Trained Language Models via Handcrafted Adversarial Examples

Prompt injection attacks against GPT-3

Twitter pranksters derail GPT-3 bot with newly discovered “prompt injection” hack

GPT-3 'prompt injection' attack causes bot bad manners

Evaluating the Susceptibility of Pre-Trained Language Models via Handcrafted Adversarial Examples

Prompt injection attacks against GPT-3

Twitter pranksters derail GPT-3 bot with newly discovered “prompt injection” hack

GPT-3 'prompt injection' attack causes bot bad manners

Variants

Similar Incidents

By textual similarity

TayBot

Biased Sentiment Analysis

Game AI System Produces Imbalanced Game

Similar Incidents

By textual similarity

TayBot

Biased Sentiment Analysis

Game AI System Produces Imbalanced Game