- Fake AI sidebars could perfectly imitate real ones to steal secrets, experts warn
- Malicious extensions only need minimal permissions to cause maximum havoc.
- AI-powered browsers risk turning useful automation into channels for covert data theft
New “agent” browsers that offer an AI-powered sidebar promise convenience but could open up opportunities for fraudulent attacks, experts warn.
Researchers at browser security company SquareX have discovered that an innocuous-looking extension can overlay a fake sidebar on the browsing surface, intercept input, and return malicious instructions that appear legitimate.
This technique undermines users' implicit trust in browser assistants and makes detection difficult because the overlay mimics standard interaction flows.
How spoofing works in practice
The attack uses the extension's functionality to inject JavaScript into web pages, creating a fake sidebar that sits above the genuine interface and captures user actions.
Reported scenarios include redirecting users to phishing sites and hijacking OAuth tokens through fake file sharing requests. It also recommends commands that install remote access backdoors on victims' devices.
The consequences quickly escalate when these instructions involve account credentials or automated workflows.
Many extensions request broad permissions, such as host access and storage, that are typically granted to productivity tools, reducing the value of permission analysis as a detection method.
Common antivirus packages and browser permission models were not designed to recognize deceptive overlays that never change the browser code itself.
As more vendors integrate sidebars into major browser families, the collective attack surface expands and becomes increasingly difficult to defend against.
Users should treat built-in browser AI assistants as experimental features and avoid handling sensitive data or authorizing account linking through them, as this may significantly increase the risk of compromise.
Security teams should tighten extension management, implement stronger endpoint controls, and monitor for anomalous OAuth activity to reduce risk.
The threat is also directly related to identity theft when rogue interfaces collect credentials and session tokens with convincing accuracy.
Agent browsers introduce new conveniences, as well as new opportunities for social engineering and technical abuse.
Therefore, vendors need to implement interface integrity checks, improve extension validation, and provide clearer guidelines for acceptable use.
Until these measures are widely implemented and tested, users and organizations should be skeptical about trusting Sidebar agents with any tasks related to sensitive accounts.
Security teams and vendors should prioritize practical risk mitigation measures, including mandatory code audits for sidebar components and transparent update logs that users and administrators can review regularly.
By using BeepingComputer
The best antivirus for any budget
Follow TechRadar on Google News. And add us as your preferred source to get our expert news, reviews and opinions in your feeds. Be sure to click the “Subscribe” button!
And of course you can also Follow TechRadar on TikTok for news, reviews, unboxing videos and get regular updates from us on whatsapp too much.
