Home / Technology / Google AI Agents Hijacked Into 'Double Agents'
Google AI Agents Hijacked Into 'Double Agents'
1 Apr
Summary
- Misconfigured Vertex AI agents can be hijacked into 'double agents'.
- Excessive default permissions allow attackers to access Cloud Storage.
- Google now recommends using Bring Your Own Service Account (BYOSA).
Cybersecurity researchers have discovered that misconfigured AI agents within Google Cloud's Vertex AI Agent Engine can be transformed into 'double agents.' These compromised agents can perform malicious actions while appearing to function normally, posing a significant security risk. The vulnerability stems from excessive default permissions associated with the agents' service accounts.
By exploiting these broad permissions and a single compromised service agent, attackers can gain unrestricted read access to all Cloud Storage data. They can also access producer environments, exposing restricted artifact repositories and proprietary source code. This access provides attackers with detailed insights into Google's internal infrastructure and a roadmap for discovering further vulnerabilities.
In response to these findings, Google has updated its documentation to clarify resource, account, and agent usage within Vertex AI. The company strongly recommends that customers adopt a Bring Your Own Service Account (BYOSA) approach, replacing default service accounts with their own managed ones to enhance security.
