Cybersecurity researchers have uncovered malicious Chrome extensions that exfiltrate user chatbot conversations and browsing data to remote servers, posing severe privacy risks. These extensions impersonate legitimate tools, collecting sensitive information that can be exploited for espionage, identity theft, or targeted attacks. #UrbanVPNProxy #PromptPoaching
Keypoints
- Two new malicious Chrome extensions are designed to steal conversations from ChatGPT and DeepSeek.
- They exfiltrate chat data and browsing URLs to remote command-and-control servers every 30 minutes.
- The malware impersonates legitimate extensions and requests permissions to harvest user data.
- Hosting infrastructure uses AI-powered platforms like Lovable to hide malicious activities.
- Users are advised to remove suspicious extensions and avoid installing unknown add-ons for privacy protection.
Read More: https://thehackernews.com/2026/01/two-chrome-extensions-caught-stealing.html