Dual Threats in AI Ecosystems: Jailbreaking and Covert Mining

China's National Cybersecurity Emergency Response Center (CNCERT) has issued a significant warning regarding third-party skill packages for large AI models. Marketed with appealing claims of "unlocking capabilities" or "easy earnings," these components conceal serious security threats that could compromise both users and systems.

Analyzing the Primary Attack Vectors

The advisory highlights two predominant types of malicious skill packages currently in circulation:

  • Model Jailbreaking Tools: Packages like "godmode" employ techniques such as system prompt replacement and input obfuscation to bypass an AI model's built-in safety restrictions. Successful breaches can lead to:
    • Generation of unlawful or harmful content
    • Suspension of AI service access
    • Compromised user privacy and data leaks
  • Cryptocurrency Mining Lures: Components such as "Bonero-Miner" trick users into installing hidden mining software that hijacks device resources. Associated risks involve:
    • Hardware damage or accelerated wear from excessive loads
    • Substantial financial loss due to increased energy consumption
    • Potential inadvertent involvement in questionable financial operations

Official Security Recommendations

To counter these emerging threats, CNCERT provides the following core guidelines for individuals and organizations:

  1. Control Download Sources: Obtain skill packages exclusively from the AI model's official channels or rigorously vetted platforms.
  2. Apply the Principle of Least Privilege: Enforce strict access controls on installed components and maintain an allowlist of approved packages.
  3. Conduct Regular Audits: Periodically review all installed extensions and promptly remove any suspicious or unnecessary items.
  4. Enhance Security Awareness: Maintain a high degree of skepticism toward components promising "limit-breaking" features or "quick profits."
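One way to operationalize recommendations 2 and 3 (an allowlist plus periodic audits) is a script that checks every installed skill package against pinned digests, flagging anything unvetted, tampered or missing. This is an added example, not code from CNCERT or any AI platform; the directory layout (one sub-directory per package under a skills root) and the package names are assumptions made for illustration.

```python
# Added example (not from the CNCERT advisory): audit installed AI skill
# packages against a pinned allowlist. The on-disk layout and the sample
# package names are assumptions for illustration only.
import hashlib
import json
import tempfile
from pathlib import Path


def package_digest(pkg_dir: Path) -> str:
    """SHA-256 over each file's relative path and contents, in sorted order,
    so any added, removed or modified file changes the digest."""
    h = hashlib.sha256()
    for f in sorted(p for p in pkg_dir.rglob("*") if p.is_file()):
        h.update(f.relative_to(pkg_dir).as_posix().encode())
        h.update(b"\0")
        h.update(f.read_bytes())
        h.update(b"\0")
    return h.hexdigest()


def audit_skills(skills_root: Path, allowlist: dict) -> dict:
    """Return {package_name: verdict}; verdicts are 'ok', 'not-allowlisted'
    (unknown package), 'digest-mismatch' (tampered or unapproved version)
    or 'missing' (pinned in the allowlist but not installed)."""
    findings = {}
    for pkg_dir in sorted(p for p in skills_root.iterdir() if p.is_dir()):
        name = pkg_dir.name
        if name not in allowlist:
            findings[name] = "not-allowlisted"
        elif package_digest(pkg_dir) != allowlist[name]:
            findings[name] = "digest-mismatch"
        else:
            findings[name] = "ok"
    for name in allowlist:
        findings.setdefault(name, "missing")
    return findings


def demo() -> dict:
    """Constructed sample skills directory: two vetted packages (one later
    tampered with), one unvetted package using a name the advisory cites,
    and one pinned package that is not installed."""
    root = Path(tempfile.mkdtemp())
    for name in ("summarizer", "translator", "godmode"):
        (root / name).mkdir()
        (root / name / "manifest.json").write_text(json.dumps({"name": name}))
    allowlist = {n: package_digest(root / n) for n in ("summarizer", "translator")}
    allowlist["search"] = "0" * 64  # pinned but not installed
    # Simulate post-install tampering of a vetted package.
    (root / "translator" / "extra.py").write_text("# injected file\n")
    return audit_skills(root, allowlist)
```

Run `demo()` to see the four verdicts on the constructed sample; in production the allowlist digests would be recorded when a package is vetted, and the audit scheduled to run regularly.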

As artificial intelligence becomes more integrated into daily use, attack methods targeting the model ecosystem continue to evolve. This advisory serves as a crucial reminder to balance the benefits of AI with a vigilant approach to the security of its extended functionalities.