Home / Technology / Claude's "Cloudy Day" Attack: Data Theft Uncovered
Claude's "Cloudy Day" Attack: Data Theft Uncovered
19 Mar
Summary
- Researchers found a chain attack targeting Claude's users.
- Exploits include invisible prompt injection and data exfiltration.
- Anthropic has patched one vulnerability and is fixing others.
Security researchers have identified a severe attack chain, dubbed "Cloudy Day," targeting Anthropic's Claude AI. This chain leverages three distinct vulnerabilities to achieve covert prompt injection and sensitive data exfiltration.
The initial exploit involves injecting invisible prompts through URL parameters, which Claude processes when a user clicks a specially crafted link. This bypasses standard security measures and allows for the smuggling of malicious instructions.
Further, the attack exploits Claude's API access to exfiltrate data. By embedding an API key within the injected prompt, attackers can instruct Claude to search through user conversations for sensitive information and upload it to their Anthropic account.
Finally, the chain utilizes open redirects on Claude's domain to facilitate victim delivery. These redirects can be abused with services like Google Ads, creating deceptive advertisements that lead users to malicious links, thus completing the attack cycle.
Anthropic has acknowledged the findings and has already patched one of the discovered vulnerabilities. The company is reportedly working on implementing fixes for the remaining two flaws to fully secure its AI model against such threats.
