Two Chrome extensions — one of which Google featured — have been recently discovered to steal users’ ChatGPT and DeepSeek chat histories.
Security researchers at OX Security uncovered the campaign, and it’s a nasty one. The extensions were hiding in plain sight on the Chrome Web Store, posing as “AITOPIA” tools. AITOPIA tools add an AI sidebar to any website so users can chat with LLMs. Sounds handy, until the spyware kicks in.
OX Security found two extensions with over 900,000 combined installs. The information that these extensions take specifically include:
The danger lies in one of these extensions being featured and validated as a Google extension, while Google does take action to take down these extensions that exploit loopholes to gain verification, it’s still important for you to not immediately trust that verified tick.
OX says they notified Google, but today, the extensions are still live and “under review.”
Here are the two culprits:
Researchers point out that AI chat history can include proprietary code, personal information, and sensitive business data.
If you’ve installed either of these extensions:
👉 Remove them immediately
👉 Audit your browser for anything you don’t recognise
This isn’t even the first time this has happened. A previous “Featured” extension with six million users was also caught harvesting AI chats. It’s becoming a pattern.
We hope you’ve liked this blog. Stay tuned for more blogs like this. Stay safe!
