Perplexity’s AI based web browser Comet suffered from a major vulnerability that potentially allowed bad actors to get access to sensitive data of users such as emails, banking passwords and other details through a technique called indirect prompt injection.
Notably, Comet is among a slew of new age AI based browsers that use large language models in order to follow tasks autonomously on user’s begalf. Using its in-built AI, the browser is capable to completing tasks like summarizing web pages, emails, calendar events, managing tabs and even answer questions about the content on their screen.
However, a new research by Brave, rival browser company, has found a vulnerability in how Comet process webpage summarization requests. The researchers say that when clicked on “Summarize this webpage,” Comet feeds a part of the webpage directly into its LLM without distinguishing betwen the user’s instruction and untrusted content from the webpage, this opens up the browser for indirect prompt injection.
Essentially, the attackers could embed indirect prompts inside of webpages like white text on a website they own, or content on even social media websites like Facebook and Reddit and Comets LLM may treat those indirect cues as if the user had actually asked for those instructions.
This vulnerability lets attackers trick the AI into fulfilling actions that the users never requested for. In a demo video, Brave showed how attackers could have used Comet to easily gain access to a user’s Perplexity account by asking the AI to extract the user’s personal email, requesting for an OTP from the company and logging into Gmail to access that OTP.
The researchers further state that the vulnerability in Comet could have been exploited to complete tasks like getting access to a user’s banking data, extracting saved passwords or send sensitive information directly to attacker controlled server.
The Brave blogpost states that despite informing Perplexity of the vulnerability on 11 August, it had not been fixed by the time of publication of blogpost on 20 August.
The AI search startup in a statement to CNET, has now confirmed that the issue has now indeed been resolved.
Jesse Dwyer, Perplexity’s head of communications told the publication, “This vulnerability is fixed…We have a pretty robust bounty program, and we worked directly with Brave to identify and repair it.”
comet browser, perplexity, perplexity ai, perplexity comet, comet perplexity browser, comet ai browser, comet browser download, comet web browser, comet browser reddit, comet browser review
#Perplexitys #Comet #browser #major #security #flaw #put #users #emails #passwords #banking #data #risk