Google reported on Feb 13 that bad actors are mass-prompting Gemini, in some cases with more than 100,000 prompts, in an effort to clone the AI chatbot. As tech companies race to build and launch stronger AI models, those models' behaviour becomes accessible to anyone who can query them, and the IP embedded in that behaviour becomes vulnerable to such attacks.
Google called the attacks “model extraction,” a process a Medium post defines as: “an attacker distills the knowledge from your expensive model into a new, cheaper one they control.” It is a growing threat to major AI companies, which spend billions of dollars training their models but lack adequate methods to protect the proprietary knowledge those models encode.
“Let’s say your LLM has been trained on 100 years of secret thinking of the way you trade,” John Hultquist, chief analyst of Google’s Threat Intelligence Group, told NBC News. “Theoretically, you could distill some of that.”
Google said in its report that it considers the attacks intellectual property theft, which violates its terms of service. The difficulty, however, lies in building enforcement mechanisms and in proving that an attacker intended to steal the IP, since the individual queries look like ordinary use.
A growing threat to AI
The attackers exploit the chatbot’s core function, answering whatever it is asked, by sending large volumes of prompts and using the responses as training data for their own models.
The resulting models aren’t exact replicas, but they’re similar enough to pose a threat to the original chatbots. Google, for example, could lose users if a cheaper model with comparable capabilities reached the market.
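The extraction loop described above, reduced to a toy, as an added illustration that is not code from the article, Google or OpenAI. The “victim” is a constructed black-box scorer with hidden weights; the attacker queries it, fits a student model to the recorded outputs, and then measures how often the copy agrees with the original, the “similar enough” test in the paragraph above. The names `VictimModel`, `extract` and `fidelity`, the hidden weights and the query counts are all assumptions made for the demo; the only defender-visible signal kept in the model is the per-client query count.

```python
# Added illustration (not from the article or from Google/OpenAI): a toy
# model-extraction attack against a black-box "victim" model, plus the
# fidelity check an attacker uses to decide whether the copy is good enough.
# All weights, inputs and query counts below are constructed for the demo.
import math
import random


def _sigmoid(z):
    # Clamp to avoid overflow in exp() for large |z|.
    z = max(-60.0, min(60.0, z))
    return 1.0 / (1.0 + math.exp(-z))


class VictimModel:
    """Stand-in for a proprietary hosted model (hypothetical).

    The attacker never sees _w or _b; they only get the score returned by
    query(). The call counter is the one signal the operator does see:
    a single client issuing a very large number of queries.
    """

    def __init__(self):
        self._w = [1.7, -2.3, 0.9]   # hidden parameters (constructed)
        self._b = -0.4
        self.calls = 0

    def query(self, x):
        self.calls += 1
        z = sum(wi * xi for wi, xi in zip(self._w, x)) + self._b
        return _sigmoid(z)


def extract(victim, n_queries=1000, epochs=300, lr=1.0, seed=1):
    """Distil the victim into a student model the attacker controls.

    1. Send n_queries random inputs (3-d vectors here) to the black box.
    2. Record its soft outputs: this is the "stolen" knowledge.
    3. Fit a student (logistic regression) to those outputs with full-batch
       gradient descent on the cross-entropy loss.
    Returns (student_weights, student_bias).
    """
    rng = random.Random(seed)
    inputs = [[rng.uniform(-3, 3) for _ in range(3)] for _ in range(n_queries)]
    targets = [victim.query(x) for x in inputs]

    w, b = [0.0, 0.0, 0.0], 0.0
    for _ in range(epochs):
        grad_w, grad_b = [0.0, 0.0, 0.0], 0.0
        for x, t in zip(inputs, targets):
            p = _sigmoid(sum(wi * xi for wi, xi in zip(w, x)) + b)
            err = p - t   # d(cross-entropy)/d(logit) for soft target t
            for i in range(3):
                grad_w[i] += err * x[i]
            grad_b += err
        w = [wi - lr * g / n_queries for wi, g in zip(w, grad_w)]
        b -= lr * grad_b / n_queries
    return w, b


def fidelity(victim, student, n=2000, seed=2):
    """Fraction of fresh inputs on which student and victim agree (score > 0.5)."""
    rng = random.Random(seed)
    w, b = student
    agree = 0
    for _ in range(n):
        x = [rng.uniform(-3, 3) for _ in range(3)]
        victim_yes = victim.query(x) > 0.5
        student_yes = _sigmoid(sum(wi * xi for wi, xi in zip(w, x)) + b) > 0.5
        agree += victim_yes == student_yes
    return agree / n


def run_demo():
    """Run the attack once; returns (queries the operator would log, agreement)."""
    victim = VictimModel()
    student = extract(victim)
    queries_used = victim.calls          # what the operator's logs would show
    score = fidelity(victim, student)
    return queries_used, score


if __name__ == "__main__":
    used, score = run_demo()
    print(f"queries sent: {used}, agreement with victim: {score:.3f}")
```

The student never learns the victim’s weights directly, only a function that agrees with it on most inputs, which is the sense in which the article says the copies are “not exact replicas” but still a threat. The query count is the quantity a defender can act on; the content of each query is indistinguishable from legitimate use, which is why enforcement and proof of intent are hard.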
It’s a significant threat at a time when building competent AI models quickly is at the top of the agenda for several tech companies.
While the reported cases so far involve major companies, Google expects smaller AI models to become targets of similar attacks soon.
“We’re going to be the canary in the coal mine for far more incidents,” Hultquist told NBC News.
Prior attacks
Google isn’t the first company to report such bad actors. Last year, OpenAI accused Chinese company DeepSeek of using distillation attacks against OpenAI’s models to improve its own.
DeepSeek claimed it had trained its AI chatbot, which quickly became a top performer, with less money and hardware than larger companies had, according to The Guardian.
OpenAI spokeswoman Liz Bourgeois told The New York Times that the company takes “aggressive, proactive countermeasures to protect our technology and will continue working closely with the US government to protect the most capable models being built here.”
OpenAI has not disclosed further updates about the case or whether the attacks have been confirmed. – Inc./Tribune News Service
