Security experts have identified significant vulnerabilities within two popular Chrome extensions, SiderAI and MaxAI, jeopardizing the privacy of millions of users. These vulnerabilities could allow cybercriminals to commandeer browser sessions, risking exposure of sensitive information.
Discovery of the Vulnerabilities
The cybersecurity firm Rebora Security was instrumental in uncovering these critical flaws, termed “Spyder” and “MaXSS.” These issues affect the AI-driven extensions known for their ‘agentic side panel’ features, which enhance user experience with AI-powered summaries and automation tools. With over 10 million installations across Chrome-compatible browsers, the potential impact is vast.
SiderAI is notably positioned among the top 25 extensions on the Chrome Web Store, illustrating the widespread exposure to these risks. The root of the problem lies in improper handling of communications between web pages and the extensions’ internal systems, particularly involving content scripts.
Understanding Content Script Vulnerabilities
In the ecosystem of Chrome extensions, content scripts serve as a bridge between web pages and a browser extension’s background processes. These scripts are designed to maintain strict isolation, but both SiderAI and MaxAI failed to effectively validate inputs from web pages.
Researchers found that MaxAI was particularly vulnerable to crafted messages sent by malicious websites to the extension’s content script, which were then relayed to the background process without adequate checks. This flaw allowed attackers to perform unauthorized actions like opening concealed tabs, taking screenshots, and manipulating user accounts.
Real-World Implications and Responses
In practical demonstrations, attackers accessed Gmail and Google Calendar sessions, extracting sensitive data unnoticed by users. Similarly, the Spyder vulnerability in SiderAI enabled attackers to mimic user interactions, such as clicks and keystrokes, within web sessions.
This breach of trust boundaries could lead to unauthorized access to services like Google Gemini, allowing the extraction and external leakage of private AI conversation data. The ramifications of these vulnerabilities are severe, potentially enabling attackers to read emails, steal authentication tokens, and manipulate documents across the web.
Alarmingly, the attack vector requires no more than visiting a malicious webpage, making it both stealthy and scalable. Despite informing the extension developers, Rebora researchers received no response, prompting public disclosure of the findings. Google, overseeing the Chrome Web Store, has also been notified.
Users are urged to check their browsers for these extensions and remove them immediately to safeguard their data. This incident highlights the growing security challenges posed by AI-integrated browser extensions, emphasizing the need for robust endpoint security in today’s digital threat landscape.
Stay updated by following us on Google News, LinkedIn, and X for more real-time updates.
