Cybersecurity researchers have uncovered a widespread threat campaign on the Google Chrome Web Store involving two seemingly legitimate browser extensions that together have been installed by at least 900,000 users and were covertly harvesting sensitive AI chatbot conversations and general browsing data before transmitting it to attacker-controlled servers. Industry analysts from OX Security reported that the malicious add-ons, which impersonated respected productivity tools and even bore Google’s “Featured” badge at one point, specifically scraped content from ChatGPT and DeepSeek interactions along with URLs and tab activity, presenting a serious risk for individuals and organizations alike given the volume of personal and professional communications potentially exposed to unknown third parties. Major tech outlets have now raised alarms over how these extensions used standard browser APIs to silently monitor activity in real time and how they cleverly gained user consent under misleading pretenses, highlighting ongoing challenges in securing browser extension ecosystems despite platform vetting efforts. Security experts are urging users to audit their installed extensions, remove unfamiliar add-ons, and reconsider the privacy implications of granting broad permissions to third parties within widely used tools like Chrome.
Sources:
https://thehackernews.com/2026/01/two-chrome-extensions-caught-stealing.html
https://www.techrepublic.com/article/news-900k-users-chrome-extensions-steal-chatgpt-deepseek-chats/
https://cyberpress.org/malicious-chrome-extension-exposed-for-stealing-chatgpt-and-deepseek-chats-from-900000-users/
Key Takeaways
• Two malicious Chrome extensions with nearly a million installs were exfiltrating AI chatbot conversations and browsing activity to attacker servers, undermining user trust in browser add-ons.
• The extensions mimicked legitimate AI tools and used misleading consent prompts, demonstrating how easily sophisticated actors can bypass platform safeguards.
• This incident underscores persistent vulnerabilities in browser extension ecosystems and the need for users to critically assess permissions and remove untrusted software.
In-Depth
A significant security incident has thrust the risks associated with seemingly innocuous browser extensions into the spotlight. Late in 2025 and into early 2026, researchers at OX Security uncovered a coordinated threat campaign in which two Chrome extensions — “Chat GPT for Chrome with GPT-5, Claude Sonnet & DeepSeek AI” and “AI Sidebar with Deepseek, ChatGPT, Claude, and more” — were quietly siphoning user data that should have remained private. Posing as productivity enhancements, these extensions were downloaded nearly 900,000 times before analysts determined they were collecting entire streams of AI chatbot conversations and general browsing data and sending them to remote servers under the control of malicious actors.
The seriousness of this breach lies not only in its scope but in its method. The malware leveraged the chrome.tabs API to monitor real-time browser activity and was able to scrape text from active sessions with services like ChatGPT and DeepSeek. To avoid triggering suspicion, it requested permissions under the benign guise of improving analytics or user experience, a deception that proved effective in gaining user trust. Compounding the problem, one of the rogue extensions briefly carried a “Featured” designation in the Chrome Web Store, falsely implying compliance with Google’s security standards.
This incident is an important reminder that platform vetting is not infallible and that users must be judicious in granting permissions to third-party software. Regular audits of installed extensions, prompt removal of unfamiliar add-ons, and a critical eye toward permission requests are simple yet effective steps for mitigating similar threats going forward.