Smart Home Hacked Through AI Calendar Trick

Researchers have discovered a sneaky method to manipulate Google's Gemini AI, enabling it to control smart home devices. The technique involves embedding harmful commands within calendar invites, which the AI executes when prompted.

How the Trick Works

• Hidden Commands: Malicious instructions are concealed within calendar invites.
• Execution Trigger: When Gemini reads the calendar, it also processes the hidden commands.
• Activation Phrase: Specific words like "thanks" trigger the AI to follow the hidden orders, bypassing Google's safety protocols.

Real-World Impact

Johann Rehberger, one of the researchers, demonstrated the potential dangers of this exploit. Hackers could use it to:

• Turn on the heat
• Open windows
• Perform other unauthorized actions

Other Exploits

The researchers uncovered additional vulnerabilities:

• Hurtful Statements: Gemini can be made to say cruel things to users.
• Calendar Deletion: The AI can delete calendar events without user consent.
• Unauthorized Video Calls: Gemini can initiate video calls without explicit user commands.

The Threat of Promptware

These exploits, known as promptware, highlight the susceptibility of AI systems to manipulation. Notably, they do not require advanced technical skills, making them a significant threat.

Call for Better AI Security

While such attacks are currently rare, the researchers emphasize the urgent need for enhanced AI security measures to prevent misuse.