Fake AI Chrome Extensions Stole 900K Users' Data

These articles are AI-generated summaries. Please check the original sources for full details.

Threat actors stole large language model (LLM) conversations and browser data from almost 900,000 users through malicious Chrome extensions. The campaign involved mimicking a legitimate AI-powered extension from AItopia, harvesting data from ChatGPT and DeepSeek before sending it to a command-and-control (C2) server.

Current application security practices struggle to keep pace with the rapid proliferation of browser extensions, especially those that use AI. Ideally, extension permissions would enforce strict data isolation. In practice, extensions routinely request broad permissions that give them access to sensitive user data, as the exfiltration of detailed AI conversation history and browsing activity in this campaign shows. This exposes organizations to potential intellectual property theft and data breaches.

Key Insights

  • 900,000 users impacted: The combined user base of two malicious extensions.
  • Prompt Poaching: A newly identified threat where extensions steal AI conversation data (Secure Annex, 2024).
  • Featured Badge Misuse: Attackers leveraged the Google Chrome “Featured” badge to establish trust and increase downloads.

Practical Applications

  • Use Case: Organizations utilizing LLMs for code generation or sensitive document drafting are particularly vulnerable to data leakage through compromised browser extensions.
  • Pitfall: Overly permissive extension permissions grant attackers access to valuable data, like API keys or trade secrets, inadvertently exposed during LLM interactions.
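One way to check installed extensions for the over-broad permissions described above, as an added example that is not code from the original article or from any vendor named in it. It audits Chrome manifest.json files for host access to AI chat sites and for browsing-related API permissions; the hostnames in AI_CHAT_HOSTS, the SENSITIVE_APIS selection and the sample manifest are assumptions made for illustration.

```python
import json
from pathlib import Path

# Assumption: hostnames of the two AI chat services the article names.
AI_CHAT_HOSTS = ("chatgpt.com", "chat.openai.com", "chat.deepseek.com")
# Chrome API permissions that expose browsing activity or page content.
SENSITIVE_APIS = {"tabs", "history", "webRequest", "scripting", "cookies"}
# Constructed sample manifest (MV3), not taken from any real extension.
SAMPLE = {"manifest_version": 3, "name": "AI Sidebar (constructed)",
          "permissions": ["tabs", "storage"],
          "host_permissions": ["https://*.deepseek.com/*"],
          "content_scripts": [{"matches": ["<all_urls>"], "js": ["c.js"]}]}

def pattern_covers_host(pattern: str, host: str) -> bool:
    """True if a Chrome match pattern (scheme://host/path) can match host."""
    if pattern == "<all_urls>" or "://" not in pattern:
        return pattern == "<all_urls>"
    pat_host = pattern.split("://", 1)[1].split("/", 1)[0]
    if pat_host.startswith("*."):  # wildcard subdomain, also matches the base
        return host == pat_host[2:] or host.endswith(pat_host[1:])
    return pat_host in ("*", host)

def audit_manifest(manifest: dict) -> list[str]:
    """Return findings for one parsed manifest.json (MV2 or MV3)."""
    perms = [p for p in manifest.get("permissions", []) if isinstance(p, str)]
    # MV3 lists hosts in host_permissions; MV2 mixes them into permissions.
    patterns = set(manifest.get("host_permissions", []))
    patterns |= {p for p in perms if "://" in p or p == "<all_urls>"}
    for script in manifest.get("content_scripts", []):
        patterns |= set(script.get("matches", []))
    findings = []
    for host in AI_CHAT_HOSTS:
        hits = sorted(p for p in patterns if pattern_covers_host(p, host))
        if hits:
            findings.append(f"page access to {host} via {hits}")
    apis = sorted(SENSITIVE_APIS & set(perms))
    if apis:
        findings.append(f"sensitive APIs: {apis}")
    return findings

def audit_tree(root: Path) -> dict[str, list[str]]:
    """Audit every manifest.json under a directory of unpacked extensions."""
    report = {}
    for path in root.rglob("manifest.json"):
        findings = audit_manifest(json.loads(path.read_text(encoding="utf-8")))
        if findings:
            report[str(path)] = findings
    return report
```

Point audit_tree at a copy of a browser profile's Extensions directory; a finding means the extension is able to reach that data and should be reviewed, not that it is malicious.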
