ADVERTISEMENT

These Chrome AI assistants secretly harvested ChatGPT chats

Nearly 900,000 people installed AI browser assistants on Chrome and Edge that secretly harvested their chat conversations and browsing activity.

chrome and edge fake ai assistant extentions are spying on users

Image by Cybernews

Paulina Okunytė
Paulina Okunytė Senior Journalist
Mar 6, 2026 3 min read
chrome extention ai
Attack chain illustrating how a malicious AI‑themed Chromium extension progresses from marketplace distribution to persistent collection and exfiltration of LLM chat content and browsing telemetry. Source: Microsoft

How malicious AI extensions steal data

  • Full URLs visited in the browser, including internal corporate sites
  • Snippets of AI chat prompts and responses
  • The AI models used during conversations
  • Persistent identifiers tied to each user session

Why AI chat data is valuable

ADVERTISEMENT
  • Proprietary code
  • Internal workflows
  • Strategic planning discussions
  • Confidential documents or datasets

Browser extensions are a growing blind spot in security

Jurgita Lapienyte justinasv Izabele Pukenaite vilius Ernestas Naprys Gintaras Radauskas
Don't miss our latest stories on Google News. Add us as your Preferred Source on Google
Add us as your Preferred Source on Google.

How organizations can defend themselves

  • Monitoring network traffic for connections to suspicious domains such as *.chatsaigpt.com and *.deepaichats.com
  • Auditing and restricting browser extensions used within the organization
  • Enabling SmartScreen and network protection features
  • Deploying data protection controls around AI tools and chat platforms
  • Employers should establish clear policies for how employees use AI in the workplace
  • Employees should also periodically review their installed extensions and remove any unfamiliar ones

ADVERTISEMENT