The Adversa AI Red Team has performed a proof-of-concept attack on PimEyes, the most popular and advanced public picture face search engine.
FREMONT, CA: Adversa AI, a trusted AI research leader, has presented a novel attack method for AI facial recognition applications. It causes an AI-driven facial recognition algorithm to misidentify people by introducing subtle alterations in human faces. Compared to previous similar approaches, this method is portable across all AI models while also being far more precise, stealthy, and resilient.
The Adversa AI Red Team has performed a proof-of-concept attack on PimEyes, the most popular and advanced public picture face search engine. Clearview, a commercial facial recognition database sold to law enforcement and governments, is a similar service. Unfortunately, PimEyes was duped, and the CEO of Adversa was mistaken for Elon Musk in the photo.
The attack is unique because it is a black-box attack, created without a thorough knowledge of the search engine’s algorithms. As a result, it may be used against a variety of facial recognition engines. Because the attack allows malefactors to disguise themselves in various ways, we’ve given it the name Adversarial Octopus, a reference to the animal’s stealth, precision, and adaptability.
The existence of such flaws in AI systems, particularly facial recognition engines, could have disastrous implications and be utilized in poisoning and evasion scenarios like the ones below:
- Hacktivists could cause havoc in AI-powered internet platforms that employ facial attributes as input for any judgments or further training. In addition, by changing their profile images, attackers can poison or bypass the algorithms of large Internet corporations.
- In banks, trading platforms, and other services that provide verified remote help, cybercriminals can steal human identities and evade AI-driven biometric authentication or identity verification systems. In every case where classic deepfakes can be helpful, this attack can be even more subtle.
- Dissidents use it to conceal their online activities on social media from law enforcement. The virtual world we now live in resembles a mask or a…
As a high school student, Jack Cable ’21 hacked the Pentagon through a government-sponsored program created to find bugs in Air Force security networks. Upon arriving at Stanford, he set up a bug bounty program and worked with large enterprises to secure their digital systems. In April, he hacked ransomware, saving victims over $27,000.
Certainly, Cable isn’t your ordinary student. In 2018, Time Magazine named him among the world’s 25 most influential teens. In his spare time, he consults for the Department of Homeland Security, working to secure election systems.
The Daily sat down with Cable to discuss his latest achievement: hacking the QLocker ransomware, work for which the Secretary of Homeland Security recognized him as a “tremendous example of how even a single person can make a huge difference.”
The ransomware, which Cable said likely originated from eastern Europe, locked victims’ files until they paid the hackers.
Cable first heard about the ransomware from a family friend whose computer was affected by the attack. The family friend, who is a physician, was ready to pay the requested 0.01 Bitcoin for the laptop’s release, as he had sensitive patient data on his laptop.
When Cable heard about the incident, he tried his hand at cracking the ransomware. After he had tried an arsenal of techniques to crack the system, it came to him.
“Thinking through some of the stuff I’ve seen with bug bounties — that people don’t consider all the edge cases — I tried changing a letter in the bitcoin address from lowercase to uppercase,” he said.
The subtle change immediately unlocked the files, fooling the system into thinking the victims had paid for their laptops’ release.
Cable took it a step further, tweeting that any others affected by the virus should contact him. He was able to recover $27,000 before the hackers fixed their vulnerabilities.
Cable has made a name for himself in the world of “white hat,” or ethical hacking, both in and out of Stanford. Stanford Chief Information Security Officer Michael Tran Duff wrote that Cable helped inaugurate the University’s bug bounty program, one of the first of its kind in higher education. The program…