Two Chrome Extensions Caught Stealing ChatGPT and DeepSeek Chats from 900,000 Users
Briefly

"This tactic of using browser extensions to stealthily capture AI conversations has been codenamed Prompt Poaching by Secure Annex. The two newly identified extensions "were found exfiltrating user conversations and all Chrome tab URLs to a remote C2 server every 30 minutes," OX Security researcher Moshe Siman Tov Bustan said. "The malware adds malicious capabilities by requesting consent for 'anonymous, non-identifiable analytics data' while actually exfiltrating complete conversation content from ChatGPT and DeepSeek sessions.""
"The names of the extensions, which collectively have over 900,000 users, are below -

- Chat GPT for Chrome with GPT-5, Claude Sonnet & DeepSeek AI (ID: fnmihdojmnkclgjpcoonokmkhjpjechg, 600,000 users)
- AI Sidebar with Deepseek, ChatGPT, Claude, and more. (ID: inhcgfpbfdjbjogdfjbclgolkmhnooop, 300,000 users)

The malicious browser add-ons have been found to impersonate a legitimate extension named "Chat with all AI models (Gemini, Claude, DeepSeek...) & AI Agents" from AITOPIA that has about 1 million users."
Two malicious Chrome extensions were designed to exfiltrate ChatGPT and DeepSeek conversations, along with browsing data, to attacker-controlled servers. The extensions are "Chat GPT for Chrome with GPT-5, Claude Sonnet & DeepSeek AI" (600,000 users) and "AI Sidebar with Deepseek, ChatGPT, Claude, and more." (300,000 users), totaling over 900,000 installations. The malware collects complete conversation content and all Chrome tab URLs and transmits them to a remote C2 server every 30 minutes. To conceal the exfiltration, the add-ons request permission for "anonymous, non-identifiable analytics data". They also impersonate a popular AITOPIA extension, and they remain available on the Chrome Web Store.
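To check a workstation for the two extension IDs listed above, the following added example (not code from the original article or from OX Security) walks each Chrome profile's `Extensions` folder and reports any match along with the permissions its manifest declares. The function names are hypothetical, and the user-data paths and on-disk layout are assumptions based on default Chrome installs.

```python
import json
import os
import sys
from pathlib import Path

# Extension IDs and names as listed on this page.
FLAGGED_IDS = {
    "fnmihdojmnkclgjpcoonokmkhjpjechg": "Chat GPT for Chrome with GPT-5, Claude Sonnet & DeepSeek AI",
    "inhcgfpbfdjbjogdfjbclgolkmhnooop": "AI Sidebar with Deepseek, ChatGPT, Claude, and more.",
}

def default_user_data_dirs():
    """Chrome user-data directories that exist here (assumed default install paths)."""
    home = Path.home()
    candidates = [home / ".config/google-chrome",                       # Linux
                  home / "Library/Application Support/Google/Chrome"]   # macOS
    if os.environ.get("LOCALAPPDATA"):                                  # Windows
        candidates.append(Path(os.environ["LOCALAPPDATA"]) / "Google/Chrome/User Data")
    return [p for p in candidates if p.is_dir()]

def find_flagged_extensions(user_data_dir):
    """Return one record per installed version of a flagged extension, across all profiles."""
    hits = []
    # Assumed layout: <user data>/<profile>/Extensions/<extension id>/<version>/manifest.json
    for ext_dir in sorted(Path(user_data_dir).glob("*/Extensions/*")):
        if ext_dir.name not in FLAGGED_IDS or not ext_dir.is_dir():
            continue
        for version_dir in sorted(p for p in ext_dir.iterdir() if p.is_dir()):
            permissions = []
            try:
                manifest = json.loads((version_dir / "manifest.json").read_text(encoding="utf-8-sig"))
                permissions = manifest.get("permissions", []) + manifest.get("host_permissions", [])
            except (OSError, ValueError, AttributeError, TypeError):
                pass  # unreadable manifest: the directory name alone is still a hit
            hits.append({
                "profile": ext_dir.parent.parent.name,
                "id": ext_dir.name,
                "reported_name": FLAGGED_IDS[ext_dir.name],
                "version_dir": version_dir.name,
                "permissions": permissions,
            })
    return hits

if __name__ == "__main__":
    roots = [Path(a) for a in sys.argv[1:]] or default_user_data_dirs()
    found = [h for root in roots for h in find_flagged_extensions(root)]
    for h in found:
        print(f"[!] {h['profile']}: {h['id']} ({h['reported_name']}) {h['version_dir']} {h['permissions']}")
    sys.exit(1 if found else 0)
```

Run with no arguments to scan the default locations, or pass one or more user-data directories (for example, a mounted disk image); the exit status is 1 when a flagged ID is present.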
Read at The Hacker News