SquareX Secures ChatGPT Atlas Browser, Comet and More – Security Boulevard


Last week, OpenAI released their own AI Browser, ChatGPT Atlas. The past quarter has seen major players like OpenAI, Perplexity and Atlassian releasing or acquiring their own AI Browsers. Even consumer browsers have heavily jumped onto the AI Browser bandwagon, with Chrome releasing Gemini in Chrome.
As AI-powered browsers gain traction, the demand for universal browser security has never been more critical. SquareX rises to meet this challenge with seamless compatibility — our extension works with Atlas and Comet from day one, transforming cutting-edge AI browsers into secure enterprise-grade browsers.
Securing AI browsers isn’t just about applying traditional security policies — it is also about understanding and mitigating entirely new attack vectors that come uniquely with AI Browsers. SquareX is built to handle both. Within the first few weeks of Comet and ChatGPT Atlas’ release, SquareX’s research team discovered two zero-day attacks that exploit architectural vulnerabilities of AI Browsers:
By masquerading as a productivity tool or compromising existing popular extensions, attackers end up tricking users into installing an AI Sidebar Spoofing extension. This extension may remain latent for a while, performing expected tasks to build trust with the user. After some time, it injects a fake AI sidebar that is indistinguishable from the Atlas/Comet sidebars. When the unsuspecting user enters a prompt, instead of legitimate AI assistance, they receive malicious instructions designed to steal credentials, exfiltrate data, or compromise their device entirely.
In this scenario, a user asks Comet/Atlas to provide instructions on how to sell crypto from their Binance account. The spoofed sidebar returns a convincing set of instructions containing a link leading to a phishing page instead of Binance’s login site. The user enters their credentials, which are then used by the attacker to log in to the victim’s real Binance account and steal their cryptocurrency.

Immediately, SquareX can set granular browser-native policies that prevent users from carrying out the malicious tasks instructed by the fake AI sidebar as an extra layer of defense. In this case, a policy could be set to block advanced phishing sites based on advanced ML and page heuristic analysis.
Additionally, SquareX performs an enterprise-wide extension audit with the SquareX Extension Analysis framework to prevent the AI Sidebar Spoofing extension from being installed in the first place. This includes comprehensive metadata analysis, extension code analysis and dynamic analysis of the extension’s behavior at runtime. Within 24 hours, enterprises can get a full analysis of their organization’s extension risk posture, including a risk score for every extension installed, blocking any extension that displays AI Sidebar Spoofing behavior.
AI browsers operate with significant privileges, executing tasks on the user’s behalf with full access to accounts, data and resources the user is granted. Attackers have figured out how to exploit this through prompt injection attacks that turn helpful AI assistants into unwitting accomplices.
In one example, Comet was completing a routine research task when it encountered a prompt injection attack. The malicious prompt tricked the AI into approving a fraudulent OAuth request, granting attackers full access to the victim’s email and Google Drive. From there, the attackers exfiltrated sensitive files and impersonated the victim to spread malicious links throughout the organization.

SquareX implements granular guardrails that control exactly what AI browsers can and cannot do, taking into account agentic identity and agentic DLP. In this consent phishing scenario, SquareX policies can block high-risk permission requests from non-whitelisted sites — preventing rogue AI behavior from compromising enterprise SaaS applications in the first place.
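A sketch of the kind of consent guardrail described above, as an added example that is not SquareX's implementation. The allowlisted host, the sample URLs, the function name and the choice of which Google scopes count as high risk are assumptions made for illustration.

```javascript
// Added illustration: decide whether an OAuth consent navigation should be blocked.
// Real Google scope strings that grant mailbox or Drive access; treating exactly
// these as "high risk" is an assumption of this example.
const HIGH_RISK_SCOPES = new Set([
  "https://mail.google.com/",
  "https://www.googleapis.com/auth/gmail.readonly",
  "https://www.googleapis.com/auth/gmail.send",
  "https://www.googleapis.com/auth/drive",
  "https://www.googleapis.com/auth/drive.readonly",
]);

// Hypothetical enterprise allowlist of hosts permitted to receive such grants.
const ALLOWED_REDIRECT_HOSTS = new Set(["apps.example-corp.test"]);

// Google authorization endpoints (host + path) that this check inspects.
const AUTHZ_ENDPOINTS = new Set([
  "accounts.google.com/o/oauth2/v2/auth",
  "accounts.google.com/o/oauth2/auth",
]);

function evaluateConsentRequest(rawUrl, allowedHosts = ALLOWED_REDIRECT_HOSTS) {
  let url;
  try { url = new URL(rawUrl); } catch { return { action: "allow", reason: "not a URL", riskyScopes: [] }; }
  if (url.protocol !== "https:" || !AUTHZ_ENDPOINTS.has(url.hostname + url.pathname)) {
    return { action: "allow", reason: "not an OAuth consent request", riskyScopes: [] };
  }
  // The scope parameter is a space-delimited list; searchParams decodes %20 and "+".
  const scopes = (url.searchParams.get("scope") || "").split(/\s+/).filter(Boolean);
  const riskyScopes = scopes.filter((s) => HIGH_RISK_SCOPES.has(s));
  if (riskyScopes.length === 0) {
    return { action: "allow", reason: "no high-risk scopes requested", riskyScopes };
  }
  // Fail closed: a missing or unparsable redirect_uri is treated as not allowlisted.
  let redirectHost = null;
  try { redirectHost = new URL(url.searchParams.get("redirect_uri")).hostname.toLowerCase(); } catch {}
  if (redirectHost && allowedHosts.has(redirectHost)) {
    return { action: "allow", reason: "high-risk scopes for allowlisted host", riskyScopes };
  }
  return { action: "block", reason: "high-risk scopes for non-allowlisted host", riskyScopes };
}

// Constructed sample requests (not captured traffic).
const BASE = "https://accounts.google.com/o/oauth2/v2/auth?client_id=constructed-client&response_type=code";
const RISKY = "&scope=openid%20https%3A%2F%2Fmail.google.com%2F%20https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fdrive";
const SAMPLE_UNKNOWN = BASE + "&redirect_uri=https%3A%2F%2Funknown-site.test%2Fcb" + RISKY;
const SAMPLE_ALLOWED = BASE + "&redirect_uri=https%3A%2F%2Fapps.example-corp.test%2Fcb" + RISKY;
const SAMPLE_LOW_RISK = BASE + "&redirect_uri=https%3A%2F%2Funknown-site.test%2Fcb&scope=openid+email";
```

In an extension, a check like this would run on navigation events, so it applies whether the consent screen was opened by the user or by the browser's agent.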
Of course, in addition to new threats, browser security solutions also need to secure AI Browsers against existing threats and security concerns.
The SquareX extension is fully compatible with AI Browsers, allowing security teams to enforce policies across all three key components of browser security in a single platform:
The lightweight browser extension is compatible with all major popular browsers, including Chrome, Edge, Safari, Firefox and AI Browsers like Comet and ChatGPT Atlas, and can be easily deployed across both managed and unmanaged devices.

SquareX Secures ChatGPT Atlas Browser, Comet and More was originally published in SquareX Labs on Medium, where people are continuing the conversation by highlighting and responding to this story.
*** This is a Security Bloggers Network syndicated blog from SquareX Labs – Medium authored by SquareX. Read the original post at: https://labs.sqrx.com/squarex-secures-chatgpt-atlas-browser-comet-and-more-ee8dc1391776?source=rss----f5a55541436d---4
Jesse
https://playwithchatgtp.com