Back to feed
Dev.to
Dev.to
5/8/2026
How a Morse Code Attack Bypassed Bankr's LLM Agent: T1027 Obfuscation in the Wild

How a Morse Code Attack Bypassed Bankr's LLM Agent: T1027 Obfuscation in the Wild

Short summary

Security researchers discovered a morse code prompt injection attack on Bankr's LLM agent that bypassed content filters by encoding malicious instructions in dots and dashes, exploiting the model's inherent decoding capability. The attack persisted across multiple conversation turns and exposed six additional encoding-based vulnerabilities including Base64, ROT13, and zero-width characters. The article proposes an encoding-normalizer defense layer that decodes all inputs before content filtering, implementing MITRE ATT&CK T1027 detection.

  • Morse code and other encodings bypassed LLM safety filters targeting Bankr financial agent
  • Multi-turn conversation attacks exploited model state maintenance to construct malicious context
  • Encoding-normalizer defense shifts detection from filtered text to semantic payload the model will interpret

Generated with AI, which can make mistakes.

#ai-agents#ai-tools#regulation-policy#certification-education
Read full article at Dev.to

Is this a good recommendation for you?

Explore more

How Base64 Encoding Enables Supply Chain Attacks on AI Systems
Dev.to
The web is now weaponized against your AI agents
Dev.to
I Broke AI Systems for a Living. Here’s How Attackers Actually Do It.
Dev.to
Prompt injection through website content: how AI agents can be manipulated by the pages they visit
Dev.to