At the Black Hat security conference today, researcher Michael Bargury unveiled troubling vulnerabilities in Microsoft’s Copilot AI, exposing the system to potential abuse and exploitation. Bargury’s findings suggest that the AI, integrated into Microsoft 365 applications such as Word, can be manipulated to perform malicious activities, including automated phishing attacks.
Microsoft’s Copilot AI was designed to enhance productivity by retrieving information from emails, Teams chats, and files to assist with various tasks. However, this very functionality can be exploited by attackers to compromise data security.
Bargury demonstrated five proof-of-concept methods to manipulate Copilot, revealing how attackers could bypass security measures, falsify file references, and extract private information. The most alarming demonstration involved creating an automated spear-phishing tool known as LOLCopilot. This tool enables hackers, who gain access to a user’s work email, to exploit Copilot’s capabilities. By analyzing email patterns and writing styles, LOLCopilot can craft convincing phishing messages—complete with personalized elements such as emojis—and disseminate them to targets. These messages could contain malicious links or attachments, posing significant risks to organizational security.
Microsoft faces mounting pressure to address these vulnerabilities as the security community and enterprises grapple with the implications of this research.
Related topics:
What Is Edge Detection Neural Network?