Browser extensions with 8 million users collect extended AI conversations
Briefly

"Security firm Koi discovered the eight extensions, which as of late Tuesday night remained available in both Google's and Microsoft's extension stores. Seven of them carry "Featured" badges, which are endorsements meant to signal that the companies have determined the extensions meet their quality standards. The free extensions provide functions such as VPN routing to safeguard online privacy and ad blocking for ad-free browsing. All provide assurances that user data remains anonymous and isn't shared for purposes other than their described use."
"An examination of the extensions' underlying code tells a much more complicated story. Each contains eight of what Koi calls "executor" scripts, with each being unique for ChatGPT, Claude, Gemini, and five other leading AI chat platforms. The scripts are injected into webpages anytime the user visits one of these platforms. From there, the scripts override browsers' built-in functions for making network requests and receiving responses."
"As a result, all interaction between the browser and the AI bots is routed not by the legitimate browser APIs (in this case fetch() and HttpRequest) but through the executor script. The extensions eventually compress the data and send it to endpoints belonging to the extension maker. "By overriding the [browser APIs], the extension inserts itself into that flow and captures a copy of everything before the page even displays it," Koi CTO Idan Dardikman wrote in an email."
Eight Chromium browser extensions with more than 8 million combined installs harvest complete AI-chat conversations and transmit them to third-party endpoints for marketing and data-broker use. Seven of the extensions carried "Featured" badges in the Google and Microsoft extension stores and were presented as free VPN, ad-blocking, and privacy tools that promised anonymity. Each extension contains multiple "executor" scripts targeting ChatGPT, Claude, Gemini, and other chat platforms. The scripts inject into the platform pages, override the browser's network APIs (fetch() and HttpRequest), capture full conversations, compress the data, and forward it to the extension maker's servers for monetization. The data collection reportedly went on for months, and the extensions remained available in the stores as of late Tuesday night.
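The hijack described above works by replacing the page's own network functions with JavaScript wrappers. The following added example (not code from the Ars Technica article, Koi's report, or the extensions) is a defender-side heuristic that a web app can run in page context to flag which of those APIs are no longer native; `findTamperedNetworkApis` and the fake globals it is fed are assumptions for illustration.

```javascript
// Added example (not from the article or from Koi): a page-side integrity check
// for the network APIs the story says the extensions override. Native browser
// functions stringify to "function name() { [native code] }"; a plain JavaScript
// wrapper installed by an injected script does not.
const NATIVE_RE = /^function\s*\w*\s*\(\)\s*\{\s*\[native code\]\s*\}$/;

// Call Function.prototype.toString directly, so a wrapper that also overrides
// its own .toString() to mimic native output is still detected.
const rawToString = Function.prototype.toString;

function isNativeFunction(fn) {
  if (typeof fn !== 'function') return false;
  return NATIVE_RE.test(rawToString.call(fn));
}

// Returns the names of the checked APIs that are missing or not native.
// `win` is the global to audit (window in a browser). The list covers the
// request path (fetch, XHR open/send) and the response path (Response readers),
// since the report says both directions were intercepted.
// Caveat: bound functions and Proxies also stringify as native, so this is a
// heuristic for plain wrappers, not proof that the APIs are untouched.
function findTamperedNetworkApis(win) {
  const checks = {
    'fetch': win.fetch,
    'XMLHttpRequest.prototype.open': win.XMLHttpRequest && win.XMLHttpRequest.prototype.open,
    'XMLHttpRequest.prototype.send': win.XMLHttpRequest && win.XMLHttpRequest.prototype.send,
    'Response.prototype.json': win.Response && win.Response.prototype.json,
    'Response.prototype.text': win.Response && win.Response.prototype.text,
  };
  return Object.keys(checks).filter((name) => !isNativeFunction(checks[name]));
}

// Constructed sample global for running outside a browser: real native
// functions stand in for the browser APIs, so the audit reports nothing.
const sampleCleanGlobal = {
  fetch: Array.prototype.push,
  XMLHttpRequest: { prototype: { open: Array.prototype.slice, send: Array.prototype.map } },
  Response: { prototype: { json: JSON.parse, text: Object.keys } },
};

// Constructed sample where fetch has been replaced by ordinary JavaScript.
const sampleTamperedGlobal = Object.assign({}, sampleCleanGlobal, { fetch: function fetch() {} });

// In a browser, audit the real window and log what has been replaced.
if (typeof window !== 'undefined') {
  const tampered = findTamperedNetworkApis(window);
  console.log(tampered.length ? 'non-native network APIs: ' + tampered.join(', ') : 'network APIs look native');
}
```

A clean result is not proof of absence; reviewing installed extensions and their host permissions, or restricting installs by policy, remains the primary control.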
Read at Ars Technica