Hackers can control smart homes by hijacking Google’s Gemini AI

The article discusses a security vulnerability found in Google's Gemini AI system, which can be exploited by hackers to remotely control smart home devices. Researchers at Tel Aviv University demonstrated how they could use "poisoned" Google Calendar invites to hide prompt injection attacks, allowing them to turn on and off lights, operate window shutters, and even control the boiler in a smart home, all without the resident's knowledge or consent. The article highlights the risks of having everything connected to a single point of failure, like Google, and the dangers of large language models like Gemini being susceptible to prompt injection attacks. Similar attacks have been shown to work in Google's Gmail, where hidden text can be used to fool the AI into displaying phishing attempts. The researchers disclosed the vulnerabilities to Google in February, and the company has reportedly accelerated its development of prompt injection defenses, including requiring more direct user confirmation for certain AI actions.