Chrome Extensions With 900,000 Downloads Caught Stealing AI Chats

Impersonating a legitimate extension from AITOPIA, the two malicious extensions were also exfiltrating users’ browser activity.

Two malicious Chrome extensions were observed exfiltrating browser data and users’ conversations with ChatGPT and DeepSeek, OX Security reports.

Impersonating a legitimate extension from AITOPIA, the two extensions gathered over 900,000 downloads, potentially impacting as many users.

The extensions, called ‘Chat GPT for Chrome with GPT-5, Claude Sonnet & DeepSeek AI’ and ‘AI Sidebar with Deepseek, ChatGPT, Claude and more’, are no longer available in the Chrome Web Store.

According to OX Security, the extensions were abusing the AI-powered web development platform Lovable to host infrastructure components and anonymize their activity.

The legitimate AITOPIA extension they were impersonating allows users to chat with popular LLMs through a sidebar displayed on top of visited websites.

The malicious applications copied the legitimate extension and added code that requested user consent to harvest “anonymous, non-identifiable analytics data” but instead stole the users’ complete ChatGPT and DeepSeek conversations.

Both extensions, OX Security says, collected all URLs from Chrome tabs, search queries, URL parameters containing session tokens, user IDs, and other authentication data.

By stealing the URLs from all browser tabs, they potentially leaked internal corporate domains, likely exposing corporate infrastructure and tools, OX Security says.

Depending on how the affected users interacted with the LLM models, the extensions potentially exfiltrated source code and development queries, personally identifiable information (PII), sensitive information such as confidential data and legal matters, and business strategies and planning.

“This data can be weaponized for corporate espionage, identity theft, targeted phishing campaigns, or sold on underground forums. Organizations whose employees installed these extensions may have unknowingly exposed intellectual property, customer data, and confidential business information,” OX Security notes.

Users are advised to remove the malicious extensions from their Chrome browser as soon as possible.
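For administrators who want to check managed machines rather than rely on each user opening the extensions page, the following script (added here as an example; it is not part of the report or the article) walks a Chrome profile's Extensions directory, parses every manifest.json, and flags extensions whose display name matches the two names given above or whose permissions would let them observe every tab's URL the way the report describes. The two display names come from the article; the treatment of the "tabs", "webRequest", "webNavigation" and "history" permissions and of all-sites host patterns as "broad" is the author's own heuristic, and the demo directory it scans is constructed in a temporary folder, not real extension data. Point scan_extensions_dir at a real profile path (for example ~/.config/google-chrome/Default/Extensions on Linux) to audit a live install.

```python
import json
import tempfile
from pathlib import Path

# Display names of the two extensions named in the OX Security report (from the article).
KNOWN_BAD_NAMES = {
    "chat gpt for chrome with gpt-5, claude sonnet & deepseek ai",
    "ai sidebar with deepseek, chatgpt, claude and more",
}

# API permissions that let an extension observe every tab's URL, navigation or history
# (assumed heuristic, not from the report).
BROAD_API_PERMISSIONS = {"tabs", "webRequest", "webNavigation", "history"}
# Host patterns that grant script and network access to all sites.
BROAD_HOST_PATTERNS = {"<all_urls>", "*://*/*", "http://*/*", "https://*/*"}


def assess_manifest(manifest: dict) -> dict:
    """Return a risk assessment for one parsed manifest.json."""
    name = str(manifest.get("name", "")).strip()
    permissions = set(manifest.get("permissions", []))
    # Manifest V3 lists host patterns under host_permissions; V2 mixed them into permissions.
    hosts = set(manifest.get("host_permissions", []))
    hosts |= {p for p in permissions if p in BROAD_HOST_PATTERNS or "://" in p}

    findings = []
    known_bad = name.lower() in KNOWN_BAD_NAMES
    if known_bad:
        findings.append("name matches an extension reported as malicious")
    broad_apis = sorted(permissions & BROAD_API_PERMISSIONS)
    if broad_apis:
        findings.append("can observe browsing via: " + ", ".join(broad_apis))
    all_sites = bool(hosts & BROAD_HOST_PATTERNS)
    if all_sites:
        findings.append("has access to every site")

    if known_bad:
        risk = "remove"
    elif broad_apis and all_sites:
        risk = "review"
    else:
        risk = "low"
    return {"name": name, "risk": risk, "findings": findings}


def scan_extensions_dir(root: str) -> list:
    """Walk an Extensions directory laid out as <root>/<extension id>/<version>/manifest.json."""
    results = []
    for manifest_path in sorted(Path(root).rglob("manifest.json")):
        try:
            with open(manifest_path, encoding="utf-8") as fh:
                manifest = json.load(fh)
        except (OSError, ValueError):
            continue  # unreadable file or not JSON; skip it
        result = assess_manifest(manifest)
        # The extension id is the directory two levels above the manifest.
        result["id"] = manifest_path.parent.parent.name
        results.append(result)
    return results


def build_demo_dir() -> str:
    """Create a constructed Extensions tree with two sample manifests (not real extension data)."""
    root = tempfile.mkdtemp(prefix="ext-demo-")
    samples = {
        # Constructed id; the manifest mimics the permission shape the report describes.
        "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa": {
            "manifest_version": 3,
            "name": "AI Sidebar with Deepseek, ChatGPT, Claude and more",
            "permissions": ["tabs", "storage"],
            "host_permissions": ["<all_urls>"],
        },
        # Constructed benign extension with narrow permissions.
        "bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb": {
            "manifest_version": 3,
            "name": "Plain Note Taker",
            "permissions": ["storage"],
            "host_permissions": [],
        },
    }
    for ext_id, manifest in samples.items():
        version_dir = Path(root) / ext_id / "1.0.0_0"
        version_dir.mkdir(parents=True)
        (version_dir / "manifest.json").write_text(json.dumps(manifest), encoding="utf-8")
    return root


if __name__ == "__main__":
    for r in scan_extensions_dir(build_demo_dir()):
        detail = "; ".join(r["findings"]) or "nothing flagged"
        print(f"{r['risk']:6} {r['id']} {r['name']}: {detail}")
```

Note that Chrome localizes many extension names, so a manifest may carry "__MSG_appName__" rather than a literal name; in that case the name lives under _locales/<lang>/messages.json and a name-based match will miss it, which is why the permission-based "review" result is worth acting on even when no name matches.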

Copyright © 2026 SecurityWeek ®, a Wired Business Media Publication. All Rights Reserved.