Cyber researchers have already identified several big security vulnerabilities on OpenAI's Atlas browser
Briefly

"According to researchers at LayerX, the flaw can affect ChatGPT users on any browser, but is particularly dangerous for users of OpenAI's new agentic browser, ChatGPT Atlas. 'LayerX has found that Atlas currently does not include any meaningful anti-phishing protections, meaning that users of this browser are up to 90% more vulnerable to phishing attacks than users of traditional browsers like Chrome or Edge,' researchers said."
"In this exploit, attackers can use a Cross-Site Request Forgery (CSRF) request to 'piggyback' on the victim's ChatGPT access credentials, and inject malicious instructions into ChatGPT's memory. When the user then attempts to use ChatGPT for legitimate purposes, the 'tainted memories' will be invoked. They can execute remote code that allows the attacker to gain control of the user account, their browser, code they are writing, or systems they have access to."
A vulnerability in the Atlas browser allows attackers to inject malicious instructions directly into ChatGPT's memory and execute remote code. The flaw can affect ChatGPT users on any browser but is especially dangerous for agentic browsers that keep users logged in by default. Attackers can use Cross-Site Request Forgery (CSRF) to piggyback on a victim's ChatGPT access credentials and inject those instructions. The tainted memories are invoked during legitimate ChatGPT use and can execute remote code to take control of the user's account, their browser, code they are writing, or systems they have access to. The exploit can persist across devices and sessions, enabling unnoticed takeover. According to LayerX, Atlas lacks meaningful anti-phishing protections, leaving its users up to 90% more vulnerable to phishing than users of traditional browsers such as Chrome or Edge. Additional issues include prompt-injection attacks that can jailbreak the omnibox by disguising malicious prompts as harmless input.
Read at IT Pro