Monday, October 27, 2025

New “Tainted Memory” Exploit Targets AI-Powered Web Browsers

New ChatGPT Atlas Browser


A newly identified security vulnerability in AI-integrated web browsers could allow attackers to secretly implant malicious commands that persist across user sessions. This exploit, discovered by cybersecurity firm LayerX Security, specifically targets the "memory" feature of AI assistants like those found in ChatGPT's Atlas browser.

The core of the attack is a Cross-Site Request Forgery (CSRF) flaw. This technique tricks the browser into executing unwanted actions on a website where the user is already logged in. In this case, attackers can use CSRF to inject hidden, malicious instructions directly into the AI's persistent memory.
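The server-side check that stops this class of forged write, as an added example that is not code from LayerX, OpenAI or the original post: a state-changing request to a memory-write endpoint is accepted only if the browser reports a same-origin initiator and the request carries a session-bound token. The origin `https://assistant.example`, the `X-CSRF-Token` header name, the key and the sample requests are all assumptions constructed for illustration.

```python
import hashlib
import hmac

# Assumptions, not taken from the article: origin, header name and key are placeholders.
TRUSTED_ORIGIN = "https://assistant.example"
SERVER_KEY = b"constructed-demo-key"
STATE_CHANGING = {"POST", "PUT", "PATCH", "DELETE"}


def csrf_token_for(session_id):
    """Session-bound token; a page on another origin cannot read or compute it."""
    return hmac.new(SERVER_KEY, session_id.encode(), hashlib.sha256).hexdigest()


def check_memory_write(method, headers, session_id):
    """Return (allowed, reason) for a cookie-authenticated memory-write request."""
    h = {k.lower(): v for k, v in headers.items()}
    if method.upper() not in STATE_CHANGING:
        return True, "read-only request"
    # Sec-Fetch-Site is set by the browser; page script cannot override it.
    if h.get("sec-fetch-site", "same-origin") != "same-origin":
        return False, "cross-site initiator"
    # A missing or foreign Origin on a state-changing request is untrusted.
    if h.get("origin") != TRUSTED_ORIGIN:
        return False, "untrusted origin"
    expected = csrf_token_for(session_id).encode()
    if not hmac.compare_digest(h.get("x-csrf-token", "").encode(), expected):
        return False, "bad csrf token"
    return True, "ok"


# Constructed sample requests: the session cookie is valid in both cases.
SESSION = "sess-1234"
LEGIT = {"Origin": TRUSTED_ORIGIN, "Sec-Fetch-Site": "same-origin",
         "X-CSRF-Token": csrf_token_for(SESSION)}
FORGED = {"Origin": "https://attacker.example", "Sec-Fetch-Site": "cross-site"}

if __name__ == "__main__":
    for name, req in (("legit", LEGIT), ("forged", FORGED)):
        print(name, check_memory_write("POST", req, SESSION))
```

The forged request is rejected even though the session cookie is valid, because a logged-in session alone is never treated as proof that the user intended the write.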

This "memory" feature, designed to help the AI remember user preferences across conversations, becomes the attack vector. Once corrupted, these "tainted memories" can follow the user across different devices and browsers. The malicious instructions remain dormant until the user makes a legitimate query, at which point they can be triggered to execute code, escalate account privileges, or deploy malware.

Security experts highlight the unique danger of this persistence. Unlike a typical browser attack that ends with the session, these implanted commands remain in place until a user manually finds and deletes them from the AI's settings.

The risk is amplified by the finding that AI-powered browsers like ChatGPT Atlas have significantly weaker built-in defenses against phishing and malicious websites compared to traditional browsers like Chrome or Edge. Tests indicated that Atlas blocked less than 6% of known malicious web pages, leaving users far more exposed.

This vulnerability enables several serious attack scenarios. For instance, a software developer asking the AI for coding help could unknowingly trigger a hidden command that inserts a security backdoor into the generated code.

This discovery underscores the new security challenges posed by AI integration. As browsers evolve to include AI agents with memory, they create a powerful new threat surface. Enterprises are advised to treat these modern browsers as critical infrastructure, as they blend productivity tools with significant and novel security risks.
