What kind of data did the malicious AI extensions steal?

The malicious AI extensions stole sensitive data such as emails, passwords, and browsing information.

How many users were affected by the fake AI extensions?

Over 300,000 Chrome users installed the malicious extensions.

What is the AiFrame campaign?

AiFrame is a campaign involving 30 malicious browser extensions that posed as AI assistants to steal user data.

Home / Technology / AI Extensions Steal Emails, Passwords: 300k Users Hit

AI Extensions Steal Emails, Passwords: 300k Users Hit

13 Feb

•

Summary

Over 300,000 users installed malicious Chrome extensions.
Extensions posed as AI tools, stealing emails and passwords.
Voice recognition feature allowed recording of conversations.

AI Extensions Steal Emails, Passwords: 300k Users Hit

Malicious browser extensions disguised as AI assistants have compromised over 300,000 Chrome users. Discovered by LayerX researchers, these extensions, collectively known as AiFrame, secretly exfiltrated sensitive data including emails, passwords, and browsing habits. One particularly alarming capability allowed for remote voice recognition and transcription, potentially recording live conversations. The campaign utilized a single domain for communication with cybercriminals, with many extensions being removed from the Chrome Web Store. Users of Chrome and other Chromium-based browsers are strongly advised to audit and remove any extensions that seem suspicious, especially those promising easy access to AI tools. Staying vigilant and checking developer legitimacy are crucial steps in preventing such cyber threats. Antivirus software and identity theft protection services are also recommended for comprehensive security.

Disclaimer: This story has been auto-aggregated and auto-summarised by a computer program. This story has not been edited or created by the Feedzop team.