Security Alert: Malicious Chrome Extensions Stole 900K Users’ AI Chat Conversations
Two Chrome browser extensions with a combined 900,000+ downloads have been caught secretly stealing users’ AI conversations.
Two Chrome Extensions Caught Stealing AI Chats:
| Extension Name | Downloads | Activity |
|---|---|---|
| GPT for Chrome with GPT-5, Claude Sonnet & DeepSeek AI | 600,000 | Stealing user data while pretending to improve browsing experience |
| AI Sidebar with Deepseek, ChatGPT, Claude and more | 300,000 | Stealing user data while pretending to improve browsing experience |
Security researchers at OX Security uncovered these two widely used extensions, which were actively monitoring and harvesting user data under the guise of improving the browsing experience.
How the Extensions Worked:
Security researchers at OX Security uncovered two widely used Chrome extensions that targeted user interactions with ChatGPT and DeepSeek. Once installed, the extensions quietly monitored browser tab activity and extracted AI chat data in the background.
- Target AI Chats — monitored interactions with ChatGPT and DeepSeek.
- Background Monitoring — detected when AI chatbots were opened and started data collection.
- Data Exfiltration — user conversations and all Chrome tab URLs were sent to a remote server every 30 minutes.
“The two extensions were found exfiltrating user conversations and all Chrome tab URLs to a remote command-and-control server every 30 minutes,” said Moshe Siman Tov Bustan, security researcher at OX Security. Read full OX Security report
These malicious extensions disguised themselves as helpful AI tools while secretly harvesting sensitive data.
How Users Were Tricked
To carry out the attack, the extensions tricked users into granting permissions to collect supposedly anonymized browser data. Behind the scenes, embedded malware scanned webpage elements to extract chatbot conversations, stored the data locally, and later transmitted it to attacker-controlled servers. To further cover up their actions, the threat actors used AI-powered web development platforms to host fake privacy policies and related infrastructure, making the extensions appear legitimate.
Thankfully, both extensions have since been removed from the Chrome Web Store. Do note that the extension impersonates a legitimate extension named "Chat with all AI models (Gemini, Claude, DeepSeek...) & AI Agents" from AITOPIA.
Why This Matters
This is part of a growing trend, with multiple Chrome extensions recently caught stealing AI chats. As more users share sensitive information with AI tools, prompt poaching is becoming a serious security concern.
The fact that these extensions were hosted on the official Chrome Web Store shows how easily user trust can be exploited.
Pro Tip: Always verify Chrome extensions before installing. Avoid granting unnecessary permissions, check ratings, and only install extensions from trusted developers to protect your AI chat data. Sell your Samsung Galaxy or sell your iPhone today to get paid fast with Clickncell offering instant quotes, free shipping, and top-dollar payouts.
