ChatGPT's long-term memory feature is a new feature introduced by OpenAI in February 2024 and expanded in September.
Recently, security researcher Johann Rehberger recently revealed a serious vulnerability related to this feature.
It is known that this new feature helps chatbots store information from previous conversations. Thanks to that, users do not have to re-enter information such as age, interests or personal views every time they chat. However, this has become a weakness for attackers to exploit.
Johann Rehberger has shown that hackers can use a technique called prompt injection—inserting malicious instructions into the memory, forcing the AI to obey. These commands would be delivered through untrusted content such as emails, documents, or websites.
Once these fake memories are stored, the AI will continue to use them as real messages in conversations with users, which could lead to the collection and misuse of users' personal data.
Rehberger provided a concrete example by sending a link containing a malicious image that caused ChatGPT to store a false memory. This information would affect ChatGPT's future responses. In particular, any information the user entered would also be sent to the hacker's server.
Accordingly, to trigger the attack, the hacker only needs to convince ChatGPT users to click on a link containing a malicious image. After that, all the user's chats with ChatGPT will be redirected to the attacker's server without leaving any trace.
Rehberger reported the bug to OpenAi in May 2024, but the company only considered it a security issue. After receiving evidence that user data could be stolen, the company released a temporary patch on the web version of ChatGPT.
While the issue has been temporarily fixed, Rehberger notes that untrusted content can still use Prompt injection to insert fake information into ChatGPT's long-term memory. This means that in certain cases, hackers can still exploit the vulnerability to store malicious memories to steal personal information long-term.
OpenAI recommends that users regularly check ChatGPT's stored memories for false positives, and the company also provides detailed instructions on how to manage and delete stored memories.
Source: https://kinhtedothi.vn/nguoi-dung-chatgpt-co-nguy-co-bi-danh-cap-thong-tin.html
![[Photo] General Secretary To Lam receives US Ambassador to Vietnam Marc Knapper](https://vphoto.vietnam.vn/thumb/1200x675/vietnam/resource/IMAGE/2025/9/29/c8fd0761aa184da7814aee57d87c49b3)
![[Photo] National Assembly Chairman Tran Thanh Man chairs the 8th Conference of full-time National Assembly deputies](https://vphoto.vietnam.vn/thumb/1200x675/vietnam/resource/IMAGE/2025/9/29/2c21459bc38d44ffaacd679ab9a0477c)
![[Photo] General Secretary To Lam attends the ceremony to celebrate the 80th anniversary of the post and telecommunications sector and the 66th anniversary of the science and technology sector.](https://vphoto.vietnam.vn/thumb/1200x675/vietnam/resource/IMAGE/2025/9/29/8e86b39b8fe44121a2b14a031f4cef46)
![[Photo] Many streets in Hanoi were flooded due to the effects of storm Bualoi](https://vphoto.vietnam.vn/thumb/1200x675/vietnam/resource/IMAGE/2025/9/29/18b658aa0fa2495c927ade4bbe0096df)
![[Photo] General Secretary To Lam chairs the meeting of the Central Steering Committee on preventing and combating corruption, waste and negativity](https://vphoto.vietnam.vn/thumb/1200x675/vietnam/resource/IMAGE/2025/9/29/fb2a8712315d4213a16322588c57b975)
Comment (0)