What a $10,000 Challenge and 300K+ Prompt Injection Attempts Taught Us About Attacking AI

Wednesday, August 20, 2025
3:30 PM - 4:00 PM
AI Risk Summit Track 2 (Salon II)

About This Session

Over the course of 4 weeks in March 2025, we ran a $10,000 Prompt Injection Challenge where contestants competed to bypass 3 Virtual Escape Rooms consisting of 11 levels. Like golf, winners were scored on the lowest number of tokens used to bypass a level. Levels increased in difficulty and were protected by increasingly sophisticated guardrails. The challenge attracted thousands of participants.

We collected a broad set of Prompt Injection attacks that allowed us to build a comprehensive Taxonomy of Prompt Injection with well over 100 methods. We believe that this is the most comprehensive collection of Prompt Injection methods to date. The challenge winner, Joey Melo, who is also now Pangea's AI Red Teaming Specialist, will walk you through the data and learnings and show you how he beat the challenge, covering:

- Data-driven insights into how attackers manipulate generative AI systems.
- A comprehensive Taxonomy of Prompt Injection methods built on this data.
- Leading approaches to detecting and preventing Prompt Injection.

Speaker

Joey Melo

AI Red Teaming Specialist - Pangea

Joey is an AI Red Teaming Specialist at Pangea and a skilled penetration tester with expertise in web security, vulnerability management, and reverse engineering. He holds OSCP and BSCP certifications and has deep hands-on experience in offensive security. A top 500 global competitor on Hack The Box, Joey actively sharpens his skills through CTFs and exploit development. He placed 2nd out of 30,000 in HackAPrompt 2.0, the world’s largest AI hacking competition, and took 1st in Pangea’s AI escape room challenge, showcasing his strength in real-world, high-pressure cybersecurity and AI red teaming.