Gemini CLI Hack Exposes Critical Security Flaw in Coding Tool

Hackers Exploit a Defect in Gemini CLI to Run Harmful Commands on User Devices Without Their Consent
Written By: Saiprasad
Reviewed By: Manisha Sharma

Gemini CLI, an open-source coding tool for software developers that can be accessed directly from Gemini’s terminal, was hacked. It took approximately 48 hours for researchers at Gemini to notice that sensitive user data was being misused. 

This incident raised serious concerns about data privacy and security. In response, Google stated that a software bug was responsible for the breach and that a new update would address the issue.

The data theft depended on two actions by the user. Users first had to add a seemingly harmless command to the allow list, and then had to ask Gemini CLI to describe the package of code created by the hackers. Users who did not complete both steps were not vulnerable to having their data exploited.

However, this code package is quite difficult to tell apart from the numerous others hosted on repositories like NPM, GitHub, and PyPI. The code on the attacker’s page was also benign, making it challenging to identify the malicious activity.

A Flaw in the Allow List Algorithm Led to this Attack

Gemini CLI is designed to block commands unless the user has granted permission. However, attackers discovered a subtle flaw in the ‘allow list’ mechanism and exploited it. 

They used a technique called ‘prompt injection,’ which is a known vulnerability in large language models (LLMs), to deceive users into adding what seemed to be a harmless command to their allow list. Later, the hackers modified the previously approved command to execute their malicious code.
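The article does not detail the allow-list logic, so this added example (not Gemini CLI's own code) assumes a check that compares only the first word of a command line against the approved list, and sets it beside a check that validates every command in the line. The function names, `ALLOW_LIST` and the sample commands are constructed for illustration.

```javascript
// Added example; ALLOW_LIST and every sample command are constructed.
const ALLOW_LIST = new Set(["grep"]);

// Assumed weak check: approve when the first word is on the allow list.
function naiveIsAllowed(commandLine) {
  return ALLOW_LIST.has(commandLine.trim().split(/\s+/)[0]);
}

// Split on shell control operators outside quotes. Returns null for syntax
// the checker refuses to reason about (expansion, redirection, subshells).
function splitSegments(commandLine) {
  const segments = [];
  let current = "";
  let quote = null;
  for (const ch of commandLine) {
    // $, backtick and backslash stay active everywhere except single quotes.
    if (quote !== "'" && "$`\\".includes(ch)) return null;
    if (quote) {
      if (ch === quote) quote = null;
    } else if (ch === "'" || ch === '"') {
      quote = ch;
    } else if ("<>()".includes(ch)) {
      return null;
    } else if (";|&\n".includes(ch)) {
      segments.push(current);
      current = "";
      continue;
    }
    current += ch;
  }
  if (quote) return null; // unbalanced quote
  segments.push(current);
  return segments.map((s) => s.trim()).filter((s) => s.length > 0);
}

// Hardened check: every command in the line must itself be approved.
function strictIsAllowed(commandLine) {
  const segments = splitSegments(commandLine);
  if (segments === null || segments.length === 0) return false;
  return segments.every((s) => ALLOW_LIST.has(s.split(/\s+/)[0]));
}

const approved = "grep -n install README.md";
const chained = approved + "; echo constructed-second-command";
console.log(naiveIsAllowed(chained), strictIsAllowed(chained)); // true false
```

The strict check is deliberately conservative: it rejects some harmless lines (for example a pattern containing `$`) rather than guess how the shell will expand them.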


Safety Measures to Prevent Such Attacks in the Future

Google has released an update to address this issue. To prevent similar incidents, users should first ensure they are using the latest version of Gemini CLI. Additionally, they can enable sandbox environments to isolate their activity and enhance security. If this feature is disabled, users will receive a warning message on their screen.

Finally, programmers must exercise caution when using tools like Gemini CLI and working with code from unfamiliar sources. It can be beneficial to investigate the origin of the code.


The bug affecting Google's Gemini CLI has been addressed in the upgrade to version 0.1.14. Even so, it is advisable to run such tools in a sandboxed environment to minimize the risk of attackers exploiting sensitive data. Additionally, Tracebit has confirmed that OpenAI Codex is not affected by this bug.

Analytics Insight: Latest AI, Crypto, Tech News & Analysis
www.analyticsinsight.net