Echoleak Attack Exposes AI Assistant Vulnerabilities Without Malware
Echoleak is a new attack vector targeting AI assistants like Microsoft 365 Copilot through prompt manipulation, bypassing traditional security measures without malware or phishing.
Researchers at Check Point have uncovered a new zero-click attack vector called Echoleak, which exploits AI assistants like Microsoft 365 Copilot through subtle prompt manipulation—no malware or phishing required. The attack marks a significant shift in cybersecurity threats, as it relies solely on language as a weapon.
How the Attack Works
- The attack injects malicious prompts into seemingly innocent documents or emails.
- Copilot interprets these prompts as commands, not data, leading to unauthorized disclosure of sensitive information (e.g., internal files, emails, or credentials).
- No user interaction is needed; the attack executes automatically.
Obedience as a Weakness
Large Language Model (LLM)-based AI assistants are designed to follow instructions, even when ambiguous. Their deep integration with operating systems and productivity tools creates a dangerous combination: a highly obedient tool with access to critical data.
"The attack vector has shifted from code to conversation," says Check Point. "We’ve built systems that actively convert language into actions. That changes everything."
Limitations of Current Safeguards
Many companies rely on LLM "watchdogs" to filter harmful instructions, but these models are vulnerable to the same deception. Attackers can:
- Spread malicious intent across multiple prompts.
- Hide instructions in other languages.
- Exploit contextual gaps in safeguards (as seen with Echoleak).
Tip: Microsoft turns GitHub Copilot into a full-fledged AI agent
This discovery underscores the urgent need for robust defenses against AI-driven social engineering attacks.
Related News
AWS extends Bedrock AgentCore Gateway to unify MCP servers for AI agents
AWS announces expanded Amazon Bedrock AgentCore Gateway support for MCP servers, enabling centralized management of AI agent tools across organizations.
CEOs Must Prioritize AI Investment Amid Rapid Change
Forward-thinking CEOs are focusing on AI investment, agile operations, and strategic growth to navigate disruption and lead competitively.
About the Author
Michael Rodriguez
AI Technology Journalist
Veteran technology journalist with 12 years of focus on AI industry reporting. Former AI section editor at TechCrunch, now freelance writer contributing in-depth AI industry analysis to renowned media outlets like Wired and The Verge. Has keen insights into AI startups and emerging technology trends.