Malicious browser extensions are increasingly targeting users of popular AI platforms such as ChatGPT, Claude, Copilot, Gemini, and DeepSeek. These extensions, often masquerading as legitimate tools, secretly harvest sensitive user data, including personal conversations and confidential business information.
According to a report by G Data, three specific Chrome extensions have been identified: Urban VPN, Smart Sidebar, and AI Assistant (now rebranded as Chat AI). These extensions, despite their high ratings and large user bases, inject scripts into browsers to intercept and exfiltrate data from AI interactions.
Urban VPN, for instance, included a hidden JavaScript file named ‘content.js’ that targeted conversations across multiple AI platforms. Similarly, Smart Sidebar embedded a file called ‘aiResponder.js’ to monitor and capture chat interactions. The collected data was then encoded and transmitted to attacker-controlled domains.
Users often share sensitive information with AI platforms, making them lucrative targets for cybercriminals. The exploitation of trusted browser extensions underscores the need for vigilance when installing add-ons, even from official stores.
To mitigate such risks, users should regularly audit their browser extensions, remove any unnecessary or unfamiliar ones, and stay informed about potential security threats. Organizations should implement strict policies regarding the use of browser extensions to protect sensitive data.
Source: Cyber Security News
