Hidden Ghost Hand: Unveiling Backdoor Vulnerabilities in MLLM-Powered Mobile GUI Agents
Researchers have developed a new framework called AgentGhost to identify backdoor vulnerabilities in multimodal large language model (MLLM)-powered mobile GUI agents. These agents, often used due to high fine-tuning costs, are susceptible to supply chain attacks. AgentGhost combines goal and interaction-level triggers to activate backdoors while maintaining task utility, achieving 99.7% attack accuracy with only 1% utility degradation in tests on mobile benchmarks. A proposed defense method reduced the attack accuracy to 22.1%. AI
IMPACT Highlights potential security risks in MLLM-powered agents, necessitating robust defenses for supply chain integrity.