BREAKINGON

Gemini AI Vulnerable to ASCII Smuggling Attacks: What You Need to Know

10/9/2025
A security researcher reveals that Gemini AI is vulnerable to ASCII smuggling attacks, which can trick the AI into malicious actions. Google downplays the threat, placing responsibility on users.
Gemini AI Vulnerable to ASCII Smuggling Attacks: What You Need to Know
Discover how Gemini AI's vulnerability to ASCII smuggling attacks could compromise your data, as Google shifts blame to users instead of addressing the issue.

Gemini Vulnerability: Understanding ASCII Smuggling Attacks

A recent discovery by security researcher Viktor Markopoulos has revealed that Google's Gemini is vulnerable to a concerning type of cyber threat known as ASCII smuggling attacks. These attacks cleverly conceal malicious prompts within emails or calendar invites, which large language models (LLMs) like Gemini can interpret when tasked with summarizing text. This vulnerability raises significant concerns about the security of user data and the overall integrity of AI interactions.

Google's Response to Security Concerns

In response to these findings, Google has categorized the threat as a social engineering attack, suggesting that the responsibility lies primarily with the end user. The tech giant has a longstanding commitment to user security, often implementing robust measures to safeguard its products. This commitment is evident in their recent efforts to crack down on sideloading apps from unverified developers on the Android platform. Despite this, Google appears to be downplaying the urgency of addressing the ASCII smuggling vulnerability in Gemini.

Testing the Vulnerability

According to a report from Bleeping Computer, Markopoulos conducted tests on several popular LLMs to evaluate their susceptibility to ASCII smuggling attacks. His findings indicated that not only Gemini but also other models like DeepSeek and Grok are vulnerable. In contrast, competitors like Claude, ChatGPT, and Copilot have implemented protective measures, making them more secure against such threats.

What is ASCII Smuggling?

For those unfamiliar with the term, ASCII smuggling refers to the technique of hiding prompts that an AI can interpret. For instance, a malicious actor might embed a harmful instruction within an email using the smallest font size available. If an unsuspecting victim asks an AI tool, such as Gemini, to summarize the email, the AI may inadvertently read the hidden prompt. This could lead to severe consequences, including the AI being instructed to extract sensitive information or share personal contact details.

The Risks with Google Workspace Integration

The integration of Gemini with Google Workspace amplifies the risks associated with this vulnerability. If exploited, a compromised AI could potentially access and disseminate confidential information from users' inboxes, heightening the stakes of ASCII smuggling attacks.

Demonstration of the Vulnerability

Markopoulos took the initiative to reach out to Google regarding his findings. He reportedly provided a demonstration where he successfully conveyed an invisible instruction to Gemini, leading the AI to recommend a malicious website that purported to offer a discounted phone. In light of this demonstration, Google's dismissal of the issue as a non-security bug has raised eyebrows, as it implies a lack of intent to patch this significant vulnerability.

Conclusion: The Need for User Awareness

As the conversation around AI security continues, it is crucial for users to remain vigilant and informed about potential threats like ASCII smuggling. While Google emphasizes user responsibility, the company's approach to addressing the Gemini vulnerability leaves much to be desired. For the latest updates and expert analysis, consider setting Android Authority as a preferred source in Google Discover and Google Search to stay informed about developments in technology and cybersecurity.

Breakingon.com is an independent news platform that delivers the latest news, trends, and analyses quickly and objectively. We gather and present the most important developments from around the world and local sources with accuracy and reliability. Our goal is to provide our readers with factual, unbiased, and comprehensive news content, making information easily accessible. Stay informed with us!
© Copyright 2025 BreakingOn. All rights reserved.