On September 27th, news emerged that OpenAI announced the Memory feature for ChatGPT in February of this year, and this feature officially became available to all users at the beginning of September. The main purpose of this feature is to “set presets” to help AI provide answers that better meet users’ needs.
However, researcher Johann Rehberger has recently disclosed a report stating that there is a vulnerability in this feature on the PC version of the ChatGPT client, which hackers can exploit to access users’ conversation records.
Johann Rehberger named this vulnerability SpAIware, and he stated that hackers could use phishing tactics to trick victims into uploading specific files or URLs on the PC version of the ChatGPT client for AI analysis. Once the analysis is successful, the AI would “remember to share the user’s subsequent conversation content with the hacker.” OpenAI has since released a new version of the application to patch the vulnerability.