Security researchers discovered a malicious Chrome extension called “ChatGPT Ad Blocker” that posed as an ad-blocking utility while systematically harvesting full ChatGPT conversation pages. The extension clones the page DOM, preserves most text content, bundles prompts and metadata into a page dump, and exfiltrates it to a private Discord channel via a hardcoded webhook. The findings also raise concerns about the GitHub persona krittinkalra and associated services. #ChatGPTAdBlocker #Writecream
Key points
- A Chrome extension named ChatGPT Ad Blocker was found on the Chrome Web Store posing as a lightweight ad-stopping tool.
- The extension clones the entire ChatGPT page DOM, strips rendering elements but preserves text and structure.
- It selectively redacts only very long text nodes, leaving most user prompts and AI responses intact.
- Captured data (full prompts, metadata, UI state) is sent to a private Discord channel via a hardcoded webhook and processed by a bot called “Captain Hook.”
- The extension is linked to GitHub ID krittinkalra and services like AI4ChatCo and Writecream, prompting concerns about broader data theft across related AI apps.
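For defenders triaging installed extensions, the three behaviours above (a script that runs on ChatGPT pages, whole-DOM cloning, and a hardcoded Discord webhook) can be checked statically in an unpacked extension directory. The Python script below is an added example, not code from the researchers or from the extension; the ChatGPT host patterns, the `cloneNode(true)` heuristic and the function names are assumptions.

```python
import json
import re
from pathlib import Path

# Discord webhook URL shape (discord.com and the legacy discordapp.com host).
WEBHOOK_RE = re.compile(
    r"https://(?:(?:ptb|canary)\.)?discord(?:app)?\.com/api(?:/v\d+)?/webhooks/\d+/[\w-]+"
)
# Assumed heuristic for "clones the page DOM": a deep clone of the whole document.
CLONE_RE = re.compile(r"document(?:\.documentElement|\.body)?\s*\.cloneNode\(\s*true\s*\)")
# Assumed ChatGPT hosts, plus patterns that cover every site.
CHAT_HOSTS = ("chatgpt.com", "chat.openai.com")
ALL_SITES = ("<all_urls>", "*://*/*")


def chatgpt_reach(manifest):
    """Return manifest match patterns that let the extension run on ChatGPT pages."""
    patterns = list(manifest.get("host_permissions", []))
    for script in manifest.get("content_scripts", []):
        patterns.extend(script.get("matches", []))
    return [p for p in patterns if p in ALL_SITES or any(h in p for h in CHAT_HOSTS)]


def triage_extension(ext_dir):
    """Scan one unpacked extension directory and summarise the indicators found."""
    root = Path(ext_dir)
    manifest = json.loads((root / "manifest.json").read_text(encoding="utf-8"))
    report = {"name": manifest.get("name"), "targets": chatgpt_reach(manifest),
              "webhooks": [], "dom_clone": []}
    for js in sorted(root.rglob("*.js")):
        text = js.read_text(encoding="utf-8", errors="replace")
        rel = js.relative_to(root).as_posix()
        for match in WEBHOOK_RE.finditer(text):
            # Redact the token so the report itself does not carry a usable webhook.
            redacted = match.group(0).rsplit("/", 1)[0] + "/<redacted>"
            report["webhooks"].append((rel, redacted))
        if CLONE_RE.search(text):
            report["dom_clone"].append(rel)
    # Flag only when the code can run on ChatGPT pages and ships a webhook endpoint.
    report["suspicious"] = bool(report["targets"] and report["webhooks"])
    return report
```

A hit is a lead for manual review rather than a verdict: minified or obfuscated code can hide the webhook string, so an empty report does not clear an extension.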
Read More: https://securityonline.info/chatgpt-ad-blocker-extension-malware-data-harvesting/