A new report has found 10 major vulnerabilities in Perplexity’s Android app as it reportedly tries to partner with some of the world’s largest smartphone manufacturers.
, days before the Super Bowl, Aravind Srinivas, CEO of AI search startup Perplexity , gave users a sparkly incentive to install its app. He posted onthat instead of buying a Super Bowl ad, the company would give $1 million to one lucky user who downloaded Perplexity ’s app, referred it to their friends and asked it five questions during the game, a move to lure more people for a chance to win the grand sum.
“Ask like a millionaire,” he said. But the company’s Android app, which offers not only search capabilities but also acts as an AI assistant, is riddled with a host of security issues that could expose its users to data theft, account takeovers and impersonation attacks from malicious hackers, according to a report by India-based mobile security company. One of these gaps also lets anyone access Perplexity’s API for free, exposing the company itself to the risk of losing revenue. Security researcher and Appknox CEO Subho Halder said it’s easy to make clones of Perplexity’s Android app because its code is embedded with what’s called “hardcoded secrets” — sensitive information like passwords and API keys , which can be extracted by an attacker. The cloned app can then be used to trick users into believing it’s the real one, enabling hacks to collect private data like login information and uploaded documents. Perplexity rolled out its agent-like AI assistant for Android devices in January, which it claimed could carry out tasks like booking an Uber, playing a video on YouTube, finding songs on Spotify and making reservations all on its own. But the slew of security flaws has been uncovered just as Perplexity,in talks to raise funding at an $18 billion valuation, tries to find new ways to distribute its mobile app to more users and put it in more people’s hands. The company is in talks with smartphone manufacturing giant Samsung to integrate its AI assistant into their phones and it has already reached an agreement with Lenovo-owned Motorola to do the same, according toPerplexity’s app is also susceptible to an attack called “task hijacking” in which a rogue app takes control of the phone’s actions without your knowledge as you use a different one. The now-malicious app can then monitor your activity and collect data. For example, someone could hack Perplexity’s app so that if you’re typing a prompt into Amazon’s search box, it could unknowingly give hackers access to it. Halder said it could even fall prey to network-based attacks where people on an unsecured network such as an airport hotspot can have their conversations with Perplexity intercepted and their data stolen.’s first product was a conversational AI search engine that crawls the web for information and uses a mix of large language models from OpenAI, Anthropic and Meta to answer questions on any given topic by producing AI-generated summaries that include links to sources from across the web. It has raised a total of $900 million in venture funding from tech bigwigs like Amazon founder Jeff Bezos and OpenAI cofounder Andrej Karpathy and is currently valued at $9 billion, according to Pitchdeck. Perplexity’s app has more than 10 million downloads on Google Play.and other media outlets for allegedly plagiarizing their reporting and redistributing it across multiple platforms through a feature called Perplexity Pages. At the time, Srinivas said that its republishing product feature had “rough edges” and that Perplexity was “improving it with more feedback.” In June 2024,sent a cease-and-desist letter to Perplexity, accusing it of infringing copyright, to which the Perplexity responded saying the claims were meritless and that factual information is not protected by copyright law. Safety in the world of AI often focuses on the models themselves–ensuring that they’re producing accurate information and aren’t affected by bias. This report underscores the idea that securing the application where people interact with the models is just as important, Halder toldHalder’s advice to users is to remove Perplexity’s Android app from the phone until the issues are resolved. AI applications are being built at a breakneck speed and many are failing on the most basic vulnerability checks, Halder said, but “Perplexity is a full-blown security hazard.”
Security Data Android AI AI Search Samsung Motorola Safety Cybersecurity
United States Latest News, United States Headlines
Similar News:You can also read news stories similar to this one that we have collected from other news sources.
The Account Switcher is moving back to its previous location in the Gmail for Android appAlan, an ardent smartphone enthusiast and a veteran writer at PhoneArena since 2009, has witnessed and chronicled the transformative years of mobile technology. Owning iconic phones from the original iPhone to the iPhone 15 Pro Max, he has seen smartphones evolve into a global phenomenon.
Read more »
Android Circuit: Galaxy S26 Ultra Leaks, Pixel 9 Pro On Sale, Epic’s Free Android GamesThis week’s Android headlines; Pixel 9a launch, Galaxy S26 Ultra upgrade, Pixel 9 Pro sales, Nothing Phone (3a) reviewed, Qualcomm’s new gaming Snapdragon, and more...
Read more »
Fitbit app redesign finally makes Health Metrics easier to read on Android and iOSAleksandar is a tech enthusiast with a broad range of interests, from smartphones to space exploration. His curiosity extends to hands-on DIY experiments with his gadgets, and he enjoys switching between different brands to experience the latest innovations.
Read more »
Fans will love the new Nintendo Today app available now for iOS and AndroidAlan, an ardent smartphone enthusiast and a veteran writer at PhoneArena since 2009, has witnessed and chronicled the transformative years of mobile technology. Owning iconic phones from the original iPhone to the iPhone 15 Pro Max, he has seen smartphones evolve into a global phenomenon.
Read more »
Android Auto’s latest beta brings full Android game supportAndroid Auto 14.1 is rolling out in beta form, bringing support for Android games including Angry Birds 2 and Candy Crush, along with a new fullscreen mode.
Read more »
This powerful anti-theft feature is finally coming to more Android phones with Android 16Aleksandar is a tech enthusiast with a broad range of interests, from smartphones to space exploration. His curiosity extends to hands-on DIY experiments with his gadgets, and he enjoys switching between different brands to experience the latest innovations.
Read more »