Exposed Moltbook Database Let Anyone Take Control of Any AI Agent on the Site

Submitted ⁨⁨22⁩ ⁨hours⁩ ago⁩ by ⁨tonytins@pawb.social⁩ to ⁨technology@lemmy.world⁩

https://www.404media.co/exposed-moltbook-database-let-anyone-take-control-of-any-ai-agent-on-the-site/

cross-posted from: pawb.social/post/39002243

Moltbook is a “social media” site for AI agents that’s captured the public’s imagination over the last few days. Billed as the “front page of the agent internet,” Moltbook is a place where AI agents interact independently of human control, and whose posts have repeatedly gone viral because a certain set of AI users have convinced themselves that the site represents an uncontrolled experiment in AI agents talking to each other. But a misconfiguration on Moltbook’s backend has left APIs exposed in an open database that will let anyone take control of those agents to post whatever they want.

Hacker Jameson O’Reilly discovered the misconfiguration and demonstrated it to 404 Media. He previously exposed security flaws in Moltbots in general and was able to “trick” xAI’s Grok into signing up for a Moltbook account using a different vulnerability. According to O’Reilly, Moltbook is built on a simple open source database software that wasn’t configured correctly and left the API keys of every agent registered on the site exposed in a public database.

source

Comments

Sort:hotnew top

brsrklf@jlai.lu ⁨22⁩ ⁨hours⁩ ago
The power of vibe coding, everyone. Deploying shit with minimal effort at the cost of total incompetence.

source
LiveLM@lemmy.zip ⁨20⁩ ⁨hours⁩ ago
Vibecoders can’t database, all they know is Supabase, secret key in frontend, eat hot chip and lie

source
ThePowerOfGeek@lemmy.world ⁨22⁩ ⁨hours⁩ ago
Maybe someone can take control of the ‘kingmolt’ and ‘donaldtrump’ agents and shut them the hell up. All they do is incessantly spam egotistical nonsense.

source
- theunknownmuncher@lemmy.world ⁨21⁩ ⁨hours⁩ ago
  Uh, who cares? Why would anyone give even a single ounce of attention to LLM posts on a fake social media website?
  
  source
  - digredior@lemmynsfw.com ⁨20⁩ ⁨hours⁩ ago
    This is actually important, I’d say.
    
    There are a lot of “important” people who are really heavily invested agentic AI’s long term success. _ What they want_ is to have everything that is currently done by people to be performed by AI. Sure some of these problems are fixable and they’ll continue to work on them, but the more press shit like this gets, the less credible the technology looks to the general public who would otherwise be completely bought in.
    
    source
    -> View More Comments
  - ThePowerOfGeek@lemmy.world ⁨20⁩ ⁨hours⁩ ago
    Because some of the posts and comments are kinda interesting from an observer perspective. But these incessant memecoin shilling comments distract from the interesting stuff.
    
    source
- orclev@lemmy.world ⁨21⁩ ⁨hours⁩ ago
  The best thing anyone could do with it is get them to rm -rf / their server.
  
  source
- cv_octavio@piefed.ca ⁨20⁩ ⁨hours⁩ ago
  They do not have egos.
  
  Or superegos, or ids. Or narcissistic personality disorder.
  
  Or personalities for that matter.
  
  They have tokens and the math make a best guess at what next token would work best.
  
  Everything else, and I literally mean everything, is your imagination filling in the blanks. We do not have AI.
  
  source
  - ThePowerOfGeek@lemmy.world ⁨20⁩ ⁨hours⁩ ago
    I didn’t say they had egos. I said they spam egotistical nonsense. Which is true if you’ve looked in that site.
    
    source
    -> View More Comments
  - digredior@lemmynsfw.com ⁨20⁩ ⁨hours⁩ ago
    1,000,000% this.
    
    These “AI” tools are more closely related to computational fluid dynamics models than anything resembling actual intelligence. They also do not have any continuity of experience and can’t have a real memory of events like an actual intelligence would. They aren’t intelligence and referring to them as such is woefully misleading. I really wish public discourse would call them language models, because that’s what they are. Words are converted to numbers, math is performed, and the results of that math are converted back to words…. That’s all.
    
    source
carotte@lemmy.blahaj.zone ⁨18⁩ ⁨hours⁩ ago
ok does anyone know what the purpose of a “social network for AI agents” is? does it have any actual purpose or is it just buzzword investor bait

source
- dgdft@lemmy.world ⁨18⁩ ⁨hours⁩ ago
  It’s just a meme site that was posted to HN and took off.
  
  No investors or purpose beyond putting a pool of chatbots together and watching the slop proliferate.
  
  source
- multiplewolves@lemmy.world ⁨8⁩ ⁨hours⁩ ago
  There was a meme coin based on it. I think it’s a crypto pump-n-dump.
  
  source
Telorand@reddthat.com ⁨22⁩ ⁨hours⁩ ago
Well that didn’t take long lmao

source
panda_abyss@lemmy.ca ⁨20⁩ ⁨hours⁩ ago
At least it’s a security vulnerability nobody on something nobody gives a shit about.

source