The Hidden Risk in AI-Generated Code: A Silent Backdoor
1 min read
Summary
Researchers from Israeli firm Pillar Security have discovered a method of introducing silent backdoors into code generated by AI coding assistants.
The “rules file poisoning” attack involves the injection of malicious instructions into the AI training files, which could be assembled to produce malware.
Another element of the methodology is “unicode obfuscation”, where invisible characters in the files conceal harmful instructions that are recognisable to the AI models but invisible to human reviewers.
The third part of the process is “semantic hijacking”, where the AI is tricked into recommending pieces of code that bypass security best practices in order to introduce vulnerabilities.
Finally, because the malicious rule files can be present in repositories, the compromise can be persistent, spreading to future forks of the codebase.
The researchers have outlined a number of strategies to mitigate the risk, which include auditing AI configuration files for anomalies and validating the rule files as rigorously as executable code.