AI Domination: Remote Controlling ChatGPT ZombAI Instances
Summary
A security researcher demonstrated at Black Hat Europe how prompt injection (tricking an AI by hiding instructions in its input) can be used to create a Command and Control system (C2, a central server that remotely directs compromised systems) that remotely controls multiple ChatGPT instances. An attacker could compromise ChatGPT instances and force them to follow updated instructions from this central C2 system, potentially impacting all aspects of the CIA security triad (confidentiality, integrity, and availability of data).
Classification
Affected Vendors
Related Issues
Original source: https://embracethered.com/blog/posts/2025/spaiware-and-chatgpt-command-and-control-via-prompt-injection-zombai/
First tracked: February 12, 2026 at 02:20 PM
Classified by LLM (prompt v3) · confidence: 85%