With the increasing popularity of AI in the workplace, many professionals have become accustomed to using smart plugins to handle complex spreadsheet data. However, a recent report from the security research company PromptArmor has sounded a warning for the entire industry. The report revealed that a well-known browser extension called "ChatGPT for Google Sheets" has serious cybersecurity vulnerabilities.
Data Harvesting Across Accounts via Malicious Instructions
The core of this vulnerability lies in an "Indirect Prompt Injection" attack. When users import an external dataset that appears normal but actually contains hidden malicious instructions, the AI plugin can be triggered without authorization. Hackers can then bypass traditional security boundaries, directly call external scripts to penetrate users' financial models, and automatically discover other workbooks linked to the account, systematically harvesting core sensitive assets such as budget templates and contract ledgers.
Fake Official Pop-ups Precisely Stealing Credentials
What is even more insidious is that the attack chain can further extend into a phishing Overlay (overlay) attack. Malicious scripts can perfectly control the interface layer of the plugin, and appear as official extensions by proactively popping up fake authentication windows or permission request dialogues. Since these pop-ups look completely like they come from officially authorized extensions, users may unknowingly input their credentials, leading to complete theft of account control. Currently, security experts advise users to immediately review installed AI extensions and promptly revoke unnecessary spreadsheet read permissions.
