OpenAI’s Copilot AI coding assistant can offer private keys to real cryptocurrency wallets. Writes about it The Register.
According to one of the developers, Copilot suddenly offered something similar to the private key of a cryptocurrency wallet. Turned out it was linked to a real account.
“I was shocked. The private key is like a lock in your treasury: if it is leaked, your assets can be stolen,” the programmer said.
Another developer suggested that Copilot pulled information from open GitHub repositories. The AI assistant remembered the public data and, when requested, brought “them to the surface,” he added.
Apparently, the private key did show up in the public GitHub repositories. The programmers assumed that it was created for testing purposes. The wallet is active and has been used to send and receive real tokens.
Some developers have also managed to find private keys. They turned out to be connected to other crypto wallets, some of which contained a small amount of money.
Former OpenAI researcher Ari Herbert-Voss suggested that the keys were leaked because they were kept in the public domain.
“People are thrilled that this is another way to find drain wallets, but take note, they were all in the public domain anyway,” he said.
Herbert-Voss suggested that the potentially valuable accounts had already been emptied.
“The real risk is that someone doesn’t pay attention and continues to use the compromised wallet,” he added.
OpenAI previously announced that it will add a personal information filter to Copilot that will exclude personal data such as phone numbers and home addresses from training sets.
Recall that in June 2021, GitHub introduced the Copilot code autocomplete tool. The assistant was created in collaboration with OpenAI based on the Codex language model.
In July, the tool was suspected of copying copyrighted code snippets.
In October, researchers found that 30% of new code on GitHub was written using Copilot.
Subscribe to Cryplogger news in Telegram: Cryplogger AI – all the news from the world of AI!
Found a mistake in the text? Select it and press CTRL+ENTER
OpenAI’s Copilot AI coding assistant can offer private keys to real cryptocurrency wallets. Writes about it The Register.
According to one of the developers, Copilot suddenly offered something similar to the private key of a cryptocurrency wallet. Turned out it was linked to a real account.
“I was shocked. The private key is like a lock in your treasury: if it is leaked, your assets can be stolen,” the programmer said.
Another developer suggested that Copilot pulled information from open GitHub repositories. The AI assistant remembered the public data and, when requested, brought “them to the surface,” he added.
Apparently, the private key did show up in the public GitHub repositories. The programmers assumed that it was created for testing purposes. The wallet is active and has been used to send and receive real tokens.
Some developers have also managed to find private keys. They turned out to be connected to other crypto wallets, some of which contained a small amount of money.
Former OpenAI researcher Ari Herbert-Voss suggested that the keys were leaked because they were kept in the public domain.
“People are thrilled that this is another way to find drain wallets, but take note, they were all in the public domain anyway,” he said.
Herbert-Voss suggested that the potentially valuable accounts had already been emptied.
“The real risk is that someone doesn’t pay attention and continues to use the compromised wallet,” he added.
OpenAI previously announced that it will add a personal information filter to Copilot that will exclude personal data such as phone numbers and home addresses from training sets.
Recall that in June 2021, GitHub introduced the Copilot code autocomplete tool. The assistant was created in collaboration with OpenAI based on the Codex language model.
In July, the tool was suspected of copying copyrighted code snippets.
In October, researchers found that 30% of new code on GitHub was written using Copilot.
Subscribe to Cryplogger news in Telegram: Cryplogger AI – all the news from the world of AI!
Found a mistake in the text? Select it and press CTRL+ENTER
