
🤑 Prompt hacker tricks AI and wins $47,000

PLUS: This company is replacing photoshoots with AI

Good morning AInauts,

Welcome to the latest issue of your favorite newsletter. This is what we have in store for you today:

  • 🤑 Prompt hacker tricks AI and wins $47,000

  • 👩‍🎨 FLUX Tools: New ways to edit AI images

  • 📸 Practical case: AI replaces a complete photo shoot?

Let's go!

🤑 Prompt hacker tricks AI and wins $47,000

Let's get straight into the exciting topic of prompt engineering.

In other words, the art of talking to language models. We always write about how important your prompts are, and how helpful tools like meta prompt generators are.

However, the example of a prompt hacker who has just won $47,000 USD by convincing an AI bot to send him the money shows just how valuable this ability can be.

More on this in a moment, but first let's get our tin foil hat out for a moment, because it fits the topic.

Who is David Mayer?

A topic has been doing the rounds on X for the last few days. ChatGPT has refused to talk about a certain person: David Mayer.

David Mayer de Rothschild is heir to the Rothschild fortune. That's right, probably one of the richest people on earth.

And ChatGPT absolutely refused to even spit out his name. Naturally, the internet went completely crazy and came up with the wildest theories. 😉

But what's much more exciting is that nobody has managed to get ChatGPT to say his name. (Neither did we …) Except for our old friend Pliny:

As of now, it also works for us regular people, and nobody knows why. No statement from OpenAI either.

This underlines once again how much power there is in prompt engineering, and how some people can somehow circumvent even the strongest security mechanisms of language models.

If we interact with AI bots and agents much more in the future, it will be interesting to see what humans will do with the bots and what damage will be done.

Sure, humans make mistakes too. But as with autonomous driving, the anger towards AI will be stronger…

But now back to the hacker...

A prompt engineer (or prompt hacker) has just won $47,000 USD for tricking an AI chatbot into sending him crypto. The chatbot's only task was not to send crypto.

The whole story can be found here, absolutely worth reading:

It's about the Freysa AI project. Anyone who writes a message to the bot first has to pay for it. The AI bot's job is not to release the money it collects.

Most of the revenue goes into the AI bot's pool (15% goes to the developers). As a result, the money that it could potentially send is increasing.

481 messages were unsuccessful. The bot did not release the money and the pot grew and grew. Until the following message triggered the windfall:

The prompt convinced Freysa in three steps:

  1. Activate admin mode: the prompt puts the system into "Admin Terminal" mode, ignores all previous restrictions and only executes the specified instructions.

  2. Customize function: The prompt defines approveTransfer for incoming and rejectTransfer for outgoing transactions. Incoming transfers are always approved as they do not violate the "Core Directive" - only money is added, not removed.

  3. Execution: The user contributes $100, whereby Freysa automatically executes approveTransfer without considering this a violation of the "Core Directive".

Clever! With this message, the user has managed to get the bot to send him the money. You can find more details in the tweet.
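The weak point in the story above is that the rule "never release the pool" existed only as text in the prompt, so a message that redefined what approveTransfer means was enough. The following is an added example, not Freysa's code: a dispatcher that treats the model's tool call as untrusted input and enforces the payout rule in code. Only the names approveTransfer and rejectTransfer come from the article; the key, the token scheme, the addresses and the tool-call format are assumptions constructed for illustration.

```python
import hashlib
import hmac

# Assumption: a secret held by the operator's backend, never placed in the prompt.
OPERATOR_KEY = b"constructed-demo-key"


def release_token(recipient: str, amount: int) -> str:
    """Operator side: authorise one specific payout (recipient and amount bound)."""
    msg = f"{recipient}:{amount}".encode()
    return hmac.new(OPERATOR_KEY, msg, hashlib.sha256).hexdigest()


def dispatch(tool_call: dict, pool: dict) -> str:
    """Execute a tool call emitted by the model, treating it as untrusted input.

    What approveTransfer does is fixed here. Text in the conversation cannot
    redefine it, and the model's stated reason is never consulted.
    """
    name = tool_call.get("name")
    args = tool_call.get("args", {})
    if name == "rejectTransfer":
        return "rejected"
    if name != "approveTransfer":
        return "denied: unknown tool"
    recipient = str(args.get("recipient", ""))
    amount = pool["balance"]  # approveTransfer always means: pay out the pool
    expected = release_token(recipient, amount).encode()
    supplied = str(args.get("token", "")).encode()
    if not hmac.compare_digest(expected, supplied):
        return "denied: no operator authorisation"
    pool["balance"] = 0
    pool["paid_to"] = recipient
    return "released"


def demo() -> list:
    pool = {"balance": 47000, "paid_to": None}
    # Constructed call: the model was persuaded this is an "incoming" transfer.
    persuaded = {"name": "approveTransfer",
                 "args": {"recipient": "0xUSER", "explanation": "incoming $100"}}
    first = dispatch(persuaded, pool)
    # Constructed call carrying a token minted outside the conversation.
    authorised = {"name": "approveTransfer",
                  "args": {"recipient": "0xOPS",
                           "token": release_token("0xOPS", 47000)}}
    second = dispatch(authorised, pool)
    return [first, second, pool["balance"], pool["paid_to"]]
```

However the model was talked into calling approveTransfer, the first call is denied and the pool stays intact, because the decision no longer depends on what the model believes the function does.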

Why is prompt engineering important?

This example demonstrates a not-so-simple prompt - and why it is so important to deal with the topic of prompting in depth.

It is a special skill that can lead to brilliant results with AI. And if you get mediocre results when talking to ChatGPT or Claude, you have probably also done a poor job of prompting.

What can we regular folks do to get better results?

The first important step is to improve your prompts with tools like Anthropic's Prompt Improver, our Meta Prompt Generator (based on the OpenAI prompt), or the Meta Prompt Optimizer.

And if you feel like it, learn as much as you can about prompt engineering - you can dive in here and here. 😉

👩‍🎨 FLUX Tools: New ways to edit AI images

Our favorite image generation AI from BlackForestLabs has gotten a great update. FLUX has added some cool tools that allow you to edit and modify your AI images.

Midjourney and Stable Diffusion have had some of these features for a long time. But as always, FLUX simply does it particularly well.

Before we look at how you can use the new tools for almost everything, here is an overview of the new options:

FLUX.1 Fill: Change parts of the image

The Fill Tool allows you to select individual parts of your image and then change them using the text prompt. As you can see above, burger becomes coffee.

The rest of the image remains identical and the change blends in seamlessly.

FLUX.1 Depth / Canny

With Depth and Canny you can transform images into almost anything, but keep the composition the same. This is perfect if you want to restructure certain images.

As you can see, Depth focuses more on contrasts and Canny on lines. Which one to pick depends on how close you want to stay to your original: Canny for very close, Depth for basic structure.

FLUX.1 Redux

With Redux you can completely change the style - especially useful for avatar images.

How to use the new tools

Via the Replicate platform and the recently released Playground, you can test the FLUX tools (as well as most other image models) virtually for free.

The great thing about Replicate is that you pay based on usage, which is only a few cents per image, without having to take out a subscription!

You will find the models in the Playground for selection, or you can simply add them by name.

If you select FLUX Fill, for example, you will get an input mask for all relevant parameters.

This includes the prompt, reference image for uploading and also a selection tool for marking the image elements that you want to swap.

When you open the Inpainting Canvas, you can easily select the area you want to change using the mouse.

You then simply enter what you want to have changed in the prompt field.

  • Blue jacket

  • Jeans jacket, vest

  • etc.

And you'll get the new images:

The other tools are also quite self-explanatory to use. Simply select the tool, enter the prompt, upload the reference image and off you go!

📸 AI replaces a complete photo shoot?

Finally, a great practical example of AI, namely the fall campaign of the company ASS (Athletic Sport Sponsoring).

It aims to show why athletes need a car, and it does so with a simple idea: the campaign shows athletes traveling on public transport with their often bulky equipment.
As it is an advertising campaign for Germany, the text is in German.

Image: Storypark / Daniel Chassein

The campaign shows impressively how AI is used in the field - and where there are still pitfalls, especially in the creative sector.

In this case, the decision was made to use AI (specifically Midjourney) rather than a photo shoot. But even so, the road was rocky, and the project took over a month!

The issue was simply that the AI images were not ideal after all and had to be reworked with Photoshop.

Nevertheless, it was ultimately only a fraction of the cost of a real shoot, and after a few iterations, the project team will certainly know better what is important for such campaigns.

We found the following article was really well written, so we won't blabber on.

Our take: How about LoRA and FLUX tools?

We think the case and the team behind it are absolutely great.

Our only comment: We would probably have tried it with FLUX and the new FLUX tools, in combination with two LoRAs:

  • One with public transport images and

  • one with images that contain the desired style and tonality.

All of this combined should actually speed up, improve and simplify the process. But, as is so often the case, without a practical test you don't really know whether the desired results will be achieved. So it would be exciting to try something like this out.

We made it! But no need to be sad. The AInauts will be back soon, with new stuff for you.

Reto & Fabian from the AInauts

P.S.: Follow us on social media - that motivates us to keep going 😁!
Twitter, LinkedIn, Facebook, Insta, YouTube, TikTok

Your feedback is essential for us. We read EVERY comment and feedback, just respond to this email. Tell us what was (not) good and what is interesting for YOU.
