Hasty Briefsbeta

Bilingual

I think I was part of a model distillation attack

7 hours ago
  • #API Security
  • #Data Breach
  • #AI Agents
  • The author received emails from OpenAI about inconsistent API usage and a 'Prohibited Biological Use' policy violation.
  • Upon investigation, they found 114 unauthorized interactions with gpt-5.5 using a compromised legacy API key from 2023, possibly from bettergpt.chat.
  • The attackers used the key for various tasks including a video QA benchmark, coding agents, and exporting insulin molecule chains, which triggered the policy violation.
  • The attack involved a repo named 'ga-synthesis' where agents ran in environments like PyMOL, interacting with GUI apps via virtual desktop.
  • The system prompts indicated usage of Anthropic's Claude Agent SDK, with paths suggesting a Chinese lab on Alibaba Cloud.
  • The attack lasted about 10 minutes, used 4M tokens, cost $23, and was stopped by disabling the key after noticing it at midnight.