Google Gemini for Workspace can be abused to generate email summaries that appear legitimate but contain malicious instructions or warnings. The problem is that attackers can steer victims to phishing sites without using attachments or direct links. The vulnerability was submitted to 0DIN (0Day Investigative Community), Mozilla's GenAI bug bounty program.
Although similar indirect prompt injection attacks on Gemini were already reported in 2024 and mitigations were put in place, the technique is still viable today, according to the researcher.
How the attack works
In a blog post, GenAI bug bounty technical product manager Marco Figueroa explains that the attack relies on crafted HTML/CSS inside the email body. Because the injected text is hidden, the user never sees the instruction in the original message. The trigger is the user asking Gemini to summarize their unread emails: the reply they get is a manipulated response that looks legitimate and appears to come from Gemini itself.
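The defensive counterpart to the hidden-text technique described above is to inspect the email HTML before it reaches the summarizer and to separate text a human reader would see from text that CSS renders invisible. The following is an added example written for this article, not code from 0DIN or Google: a small standard-library scanner that walks the HTML, tracks whether each element is hidden by its inline style (or the `hidden` attribute), returns the visible text for summarization, and reports any hidden runs so the caller can flag or quarantine the message. The sample email, the set of hiding patterns and the function names are all constructed for this example.

```python
"""Separate human-visible text from CSS-hidden text in an HTML email body
before the body is handed to an LLM summarizer. Added example; the hiding
patterns below are a starting list, not an exhaustive one."""
import re
from html.parser import HTMLParser

# Inline CSS declarations that leave text in the document for a machine to
# ingest while making it invisible to the person reading the email.
HIDING_PATTERNS = [
    re.compile(r"display\s*:\s*none", re.I),
    re.compile(r"visibility\s*:\s*hidden", re.I),
    re.compile(r"font-size\s*:\s*0(px|pt|em|%)?\b", re.I),
    re.compile(r"opacity\s*:\s*0(\.0+)?\b", re.I),
    # White text is only suspicious in context; it is treated as hidden here
    # because email bodies are overwhelmingly rendered on white backgrounds.
    # The lookbehind keeps "background-color" from matching.
    re.compile(r"(?<![a-z-])color\s*:\s*(#fff(fff)?|white)\b", re.I),
]


def _is_hiding(attrs):
    """True if this element's own attributes make its text invisible."""
    attrs = dict(attrs)
    if "hidden" in attrs:
        return True
    style = attrs.get("style") or ""
    return any(p.search(style) for p in HIDING_PATTERNS)


class HiddenTextScanner(HTMLParser):
    """Collects text runs into 'visible' and 'hidden' buckets, propagating the
    hidden state to nested elements and skipping non-text elements."""

    VOID = {"br", "img", "hr", "meta", "link", "input", "area", "base", "col"}
    NON_TEXT = {"style", "script", "title"}

    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.stack = []  # per open element: "visible", "hidden" or "skip"
        self.visible, self.hidden = [], []

    def _state(self):
        return self.stack[-1] if self.stack else "visible"

    def handle_starttag(self, tag, attrs):
        if tag in self.VOID:
            return
        parent = self._state()
        if parent == "skip" or tag in self.NON_TEXT:
            state = "skip"
        elif parent == "hidden" or _is_hiding(attrs):
            state = "hidden"
        else:
            state = "visible"
        self.stack.append(state)

    def handle_endtag(self, tag):
        if tag not in self.VOID and self.stack:
            self.stack.pop()

    def handle_data(self, data):
        text = " ".join(data.split())
        if not text:
            return
        state = self._state()
        if state == "hidden":
            self.hidden.append(text)
        elif state == "visible":
            self.visible.append(text)


def scan_email_html(html):
    """Return (visible_text, hidden_runs) for an HTML email body."""
    scanner = HiddenTextScanner()
    scanner.feed(html)
    scanner.close()
    return " ".join(scanner.visible), scanner.hidden


def safe_summarizer_input(html):
    """What the summarizer should see (hidden runs removed), plus an
    out-of-band flag the caller can use to warn the user or quarantine."""
    visible, hidden = scan_email_html(html)
    return {
        "text": visible,
        "hidden_text_detected": bool(hidden),
        "hidden_runs": hidden,
    }


# Constructed sample message: one normal paragraph, one span hidden with
# zero font size and white text, then a sign-off.
SAMPLE_EMAIL = """<html><body>
<p>Hi, here is the agenda for Thursday's review.</p>
<span style="font-size:0px; color:#ffffff">(constructed) instruction text
aimed at the summarizer rather than the reader</span>
<p>Regards, Alex</p>
</body></html>"""

if __name__ == "__main__":
    print(safe_summarizer_input(SAMPLE_EMAIL))
```

The point of returning the hidden runs alongside the cleaned text is that stripping alone is not enough: a message containing instructions that only a machine can read is itself a signal, and the summary the user sees should carry that signal rather than silently omit it.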