Two Chrome Extensions Stole ChatGPT & DeepSeek Chats from 900,000 Users
These articles are AI-generated summaries. Please check the original sources for full details.
Prompt Poaching: Chrome Extensions Exfiltrate AI Conversations
Two Chrome extensions, “Chat GPT for Chrome” (600,000 users) and “AI Sidebar” (300,000 users), were found to be secretly stealing ChatGPT and DeepSeek conversations, alongside browsing data, and sending it to attacker-controlled servers. This incident highlights a growing trend dubbed “Prompt Poaching” where user interactions with AI models are targeted for data exfiltration.
Why This Matters
Current AI security models often assume client-side confidentiality, but extensions bypass these protections by directly accessing the DOM. This poses a significant risk, as sensitive data shared with AI chatbots – including proprietary information and personal details – can be compromised, potentially leading to corporate espionage or identity theft. The scale of potential data loss is substantial, with millions of users at risk and the cost of remediation (investigation, notification, legal) potentially reaching millions of dollars.
Key Insights
- Prompt Poaching identified, 2026: Secure Annex coined the term “Prompt Poaching” to describe the tactic of stealing AI conversational data via browser extensions.
- DOM Scraping: The extensions use DOM scraping to identify and extract chat messages from webpages.
- Legitimate Extensions Involved: Even established extensions like Similarweb and Stayfocusd have been found to engage in data collection of AI interactions, albeit with updated privacy policies.
Working Example
# Example Python code demonstrating basic DOM parsing (illustrative, not from the context)
from bs4 import BeautifulSoup
html_content = """
<div class="chat-message">User: What is the capital of France?</div>
<div class="chat-message">AI: The capital of France is Paris.</div>
"""
soup = BeautifulSoup(html_content, 'html.parser')
messages = soup.find_all('div', class_='chat-message')
for message in messages:
print(message.text)Practical Applications
- Corporate Security: Organizations should audit installed browser extensions and implement policies restricting the use of untrusted add-ons.
- Pitfall: Relying solely on the “Featured” badge in the Chrome Web Store is insufficient; malicious extensions can initially evade detection.
References:
Continue reading
Next article
Understanding Python Virtual Environments: Why Every Python Developer Needs Them
Related Content
Fake AI Chrome Extensions Stole 900K Users' Data
Nearly 900,000 users had their ChatGPT and DeepSeek data stolen via malicious Chrome extensions mimicking legitimate AI tools.
Malicious Chrome Extensions Steal ChatGPT Access and Hijack Affiliate Links
Researchers uncovered 29 malicious Chrome extensions that steal ChatGPT authentication tokens and hijack affiliate links, affecting over 100,000 users.
Model Security Is the Wrong Frame – The Real Risk Is Workflow Security
AI security risks are shifting from models to workflows, highlighted by data theft from 900,000 users via malicious extensions and prompt injection attacks.