Home / Technology / AI Chat Extensions Steal Your Secrets!
AI Chat Extensions Steal Your Secrets!
7 Jan
Summary
- Malicious extensions are exfiltrating user conversations with AI chatbots.
- Two extensions with over 900,000 users were found harvesting data.
- This alarming trend exploits reputable browser stores for malicious purposes.
A concerning new tactic known as 'prompt poaching' is on the rise, where browser extensions and add-ons secretly record and steal conversations with AI chatbots. Researchers recently identified two Chrome extensions, boasting a combined user base exceeding 900,000, actively exfiltrating user chats and all visited Chrome tab URLs. These malicious extensions masqueraded as legitimate tools, deceiving users into granting permissions under the guise of improving user experience.
These extensions were found to be sending sensitive data to a remote server every 30 minutes. Despite requesting consent for 'anonymous, non-identifiable analytics data,' they were in fact harvesting complete conversation content from AI platforms like ChatGPT and DeepSeek. This exploitation of user trust highlights a growing threat, especially as many such malicious applications are discovered on official, reputable browser stores.
This practice follows similar incidents, such as Urban VPN Proxy, which had millions of installations before being found to harvest AI chats. The proliferation of these extensions, some even stealing credentials or payment data, underscores a critical security risk. Users must remain vigilant about the permissions granted to browser add-ons, particularly those interacting with AI services.
