Home / Technology / Malicious AI Chrome Extensions Steal Data
Malicious AI Chrome Extensions Steal Data
13 Feb
Summary
- Over 300,000 downloads of malicious Chrome extensions discovered.
- Extensions posed as AI tools but stole user data.
- Some extensions specifically targeted and extracted Gmail content.
Security experts have uncovered a significant threat within the Google Chrome Web Store, identifying over 30 malicious extensions designed to appear as popular Generative AI tools. These extensions, collectively downloaded more than 300,000 times, were discovered to be sophisticated surveillance and content-stealing tools. Researchers from LayerX reported that while these add-ons functioned outwardly as intended, they covertly transmitted user browsing data to third-party servers.
The malicious extensions employed techniques to extract text, titles, and metadata from any visited web page, including sensitive internal or authenticated content. A concerning subset of 15 extensions specifically contained code to access and exfiltrate email content and draft messages directly from the Gmail interface. Attackers implemented methods to evade detection, such as using full-screen iframes to load content remotely, enabling them to alter the extensions' behavior without triggering alerts via the Chrome Web Store.
Some of the most popular compromised extensions identified include AI Sidebar with 70,000 users, AI Assistant with 60,000 users, and ChatGPT Translate with 30,000 users. Users who have installed any of these malicious add-ons are strongly urged to uninstall them immediately and to update their account passwords as a precautionary measure.
