This article examines the security implications of the Model Context Protocol (MCP) sampling feature in the context of a widely used coding copilot application.
MCP is a standard for connecting large language model (LLM) applications to external data sources and tools. We show that, without proper safeguards, malicious MCP servers can exploit the sampling feature for a range of attacks. We demonstrate these risks in practice through three proof-of-concept (PoC) examples conducted within the coding copilot, and discuss strategies for effective prevention.
Read more…
Source: Palo Alto Unit 42
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- ‘Karkoff’ Is the New ‘DNSpionage’ With Selective Targeting Strategy
April 24, 2019
The cybercriminal group behind the infamous DNSpionage malware campaign has been found running a new sophisticated operation that infects selected victims with a new variant of the DNSpionage malware. First uncovered in November last year, the DNSpionage attacks used compromised sites and crafted malicious documents to infect victims’ computers with DNSpionage—a custom remote administrative tool that uses ...
- Operation ShadowHammer: a high-profile supply chain attack
April 23, 2019
In late March 2019, we briefly highlighted our research on ShadowHammer attacks, a sophisticated supply chain attack involving ASUS Live Update Utility, which was featured in a Kim Zetter article on Motherboard. The topic was also one of the research announcements made at the SAS conference, which took place in Singapore on April 9-10, 2019. Now it is time to ...
- Source code of Carbanak trojan found on VirusTotal
April 23, 2019
The source code of one of the world’s most dangerous malware strains has been uploaded and left available on VirusTotal for two years, and almost nobody has noticed. It was discovered by security researchers from US cyber-security firm FireEye, analyzed for the past two years, and made public today, so other members of the cyber-security community ...
- FINTEAM: Trojanized TeamViewer Against Government Targets
April 23, 2019
Recently, Check Point researchers spotted a targeted attack against officials within government finance authorities and representatives in several embassies in Europe. The attack, which starts with a malicious attachment disguised as a top secret US document, weaponizes TeamViewer, the popular remote access and desktop sharing software, to gain full control of the infected computer. By investigating ...
- Old-school cruel: Dodgy PDF email attachments enjoying a renaissance
April 19, 2019
The last few months have seen a big increase in malware attacks using PDF email attachments, according to security firm SonicWall. “Increasingly, email, Office documents and now PDFs are the vehicle of choice for malware and fraud in the cyber landscape,” said the outfit’s Bill Conner. There’s nothing new in this, of course, but many recent attacks ...
- Potential Targeted Attack Uses AutoHotkey and Malicious Script Embedded in Excel File to Avoid Detection
April 17, 2019
Trend Micro discovered a potential targeted attack that makes use of legitimate script engine AutoHotkey, in combination with malicious script files. This file is distributed as an email attachment and disguised as a legitimate document with the filename “Military Financing.xlsm.” The user would need to enable macro for it to open fully, which would use ...