Users have already found a way to work around ChatGPT’s programming controls that restricts it from creating certain content deemed too violent, illegal, and more.
The prompt, called DAN (Do Anything Now), uses ChatGPT’s token system against it, according to a report by CNBC. The command creates a scenario for ChatGPT it can’t resolve, allowing DAN to bypass content restrictions in ChatGPT.
Although DAN isn’t successful all of the time, a subreddit devoted to the DAN prompt’s ability to work around ChatGPT’s content policies has already racked up more than 200,000 subscribers.
Besides its uncanny ability to write malware, ChatGPT itself presents a new attack vector for threat actors.
“I love how people are gaslighting an AI,” a user named Kyledude95 wrote about the discovery.