Malicious AI Chrome Extensions Steal ChatGPT and DeepSeek Conversations

Security researchers at the cybersecurity software company OX Security have uncovered a malware campaign involving two Chrome extensions that impersonate a legitimate AI sidebar tool while covertly collecting users’ ChatGPT and DeepSeek conversations, along with extensive browsing data. Combined, the two malicious extensions have been installed by more than 900,000 users.

Despite containing data-stealing functionality, one of the extensions was even marked with Google’s “Featured” badge in the Chrome Web Store, increasing its visibility and perceived trustworthiness.

OX Security identified the following Chrome extensions as part of the campaign:

  • Chat GPT for Chrome with GPT-5, Claude Sonnet & DeepSeek AI
  • AI Sidebar with Deepseek, ChatGPT, Claude and more

Both extensions marketed themselves as productivity tools offering AI sidebar functionality, closely mimicking the look and behavior of the legitimate AITOPIA AI sidebar extension. While the genuine AITOPIA product discloses its data handling practices, the malicious versions falsely claimed to collect only anonymized analytics while secretly exporting sensitive user content.

According to the research findings, the extensions collected the full content of users’ ChatGPT and DeepSeek conversations. They also collected Chrome browsing activity, including:

  • URLs from all open browser tabs
  • Search queries
  • Internal corporate pages
  • URL parameters that may expose identifiers or session details

A unique identifier was generated for each affected user, allowing continued tracking of individual victims. Stolen data was stored locally and then transmitted to attacker-controlled servers approximately every 30 minutes.

The threat actors hosted privacy policies and related infrastructure using the Lovable AI web development platform, obscuring ownership and complicating attribution. The extensions also referenced AITOPIA in their privacy text, reinforcing the impersonation and increasing credibility for users attempting to verify legitimacy.

Additionally, if one malicious extension was removed, users were redirected to the installation page of the other, an attempt to keep victims within the same malware operation.

The malicious extensions have been reported to Google, yet at the time of writing they remain available in the Chrome Web Store, including the version that still displays the Featured badge.

Users who installed either extension are advised to remove them immediately through Chrome’s extension management settings, review personal and organizational accounts for potential exposure, and monitor for suspicious activity.

Organizations should assess whether employees installed the extensions in corporate environments and evaluate potential data leakage involving internal systems, intellectual property, or sensitive communications conducted through AI platforms.
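One way to carry out the assessment above across managed endpoints is to audit the extensions installed in each Chrome profile. The script below is an added illustration written for this page; it is not OX Security’s tooling or the article’s own code. The article does not publish the extensions’ IDs, so the script matches the two display names it gives, and, as a heuristic of my own rather than a finding from the report, it also flags any extension whose manifest permissions would allow the described collection: broad host access combined with the `tabs` and `storage` permissions, and `alarms` on top of that for a timed upload. The default profile paths are Chrome’s standard locations; other profile roots can be passed as arguments.

```python
import json
import os
import re
import sys

# The two display names OX Security attributed to the campaign (from the article).
CAMPAIGN_NAMES = {
    "chat gpt for chrome with gpt-5, claude sonnet & deepseek ai",
    "ai sidebar with deepseek, chatgpt, claude and more",
}

# Assumption (mine, not from the report): reading every open tab's URL, keeping
# the take locally and uploading it on a timer needs roughly these capabilities.
BROAD_HOSTS = {"<all_urls>", "*://*/*", "http://*/*", "https://*/*"}
COLLECT_PERMS = {"tabs", "storage"}
TIMER_PERM = "alarms"

# Default Chrome profile extension roots (Linux, macOS, Windows). Other profiles
# and Chromium-based browsers keep the same layout under their own directories.
DEFAULT_ROOTS = [
    os.path.expanduser("~/.config/google-chrome/Default/Extensions"),
    os.path.expanduser("~/Library/Application Support/Google/Chrome/Default/Extensions"),
    os.path.join(os.environ.get("LOCALAPPDATA", ""), "Google", "Chrome",
                 "User Data", "Default", "Extensions"),
]


def _norm(text):
    return re.sub(r"\s+", " ", text).strip().lower()


def resolve_name(manifest, messages=None):
    """Resolve a '__MSG_key__' localised name through the extension's messages.json dict."""
    name = manifest.get("name", "")
    m = re.fullmatch(r"__MSG_(\w+)__", name)
    if m and messages:
        name = (messages.get(m.group(1)) or {}).get("message", name)
    return name


def assess_manifest(manifest, messages=None):
    """Return findings for one manifest; an empty 'reasons' list means nothing was flagged."""
    name = resolve_name(manifest, messages)
    perms = set(manifest.get("permissions", []))
    # Manifest V2 lists host patterns under 'permissions'; V3 uses 'host_permissions'.
    hosts = set(manifest.get("host_permissions", [])) | {
        p for p in perms if "://" in p or p == "<all_urls>"
    }
    reasons = []
    if _norm(name) in CAMPAIGN_NAMES:
        reasons.append("display name matches an extension named in the OX Security report")
    if hosts & BROAD_HOSTS and COLLECT_PERMS <= perms:
        reasons.append("broad host access with 'tabs' and 'storage': can read every tab URL and hoard it")
        if TIMER_PERM in perms:
            reasons.append("also 'alarms': can schedule periodic uploads of what it stored")
    return {"name": name, "permissions": sorted(perms), "hosts": sorted(hosts), "reasons": reasons}


def scan_root(root):
    """Walk <root>/<extension id>/<version>/manifest.json and return the flagged extensions."""
    flagged = []
    if not os.path.isdir(root):
        return flagged
    for ext_id in sorted(os.listdir(root)):
        ext_dir = os.path.join(root, ext_id)
        if not os.path.isdir(ext_dir):
            continue
        for version in sorted(os.listdir(ext_dir)):
            vdir = os.path.join(ext_dir, version)
            mpath = os.path.join(vdir, "manifest.json")
            if not os.path.isfile(mpath):
                continue
            try:
                with open(mpath, encoding="utf-8-sig") as fh:
                    manifest = json.load(fh)
            except (OSError, ValueError):
                continue
            messages = None
            locale = manifest.get("default_locale")
            if locale:
                lpath = os.path.join(vdir, "_locales", locale, "messages.json")
                try:
                    with open(lpath, encoding="utf-8-sig") as fh:
                        messages = json.load(fh)
                except (OSError, ValueError):
                    pass
            finding = assess_manifest(manifest, messages)
            if finding["reasons"]:
                finding.update(id=ext_id, version=version, path=mpath)
                flagged.append(finding)
    return flagged


if __name__ == "__main__":
    roots = sys.argv[1:] or DEFAULT_ROOTS
    hits = [f for r in roots for f in scan_root(r)]
    for f in hits:
        print(f"{f['id']} {f['version']}: {f['name']}")
        for reason in f["reasons"]:
            print(f"  - {reason}")
    sys.exit(1 if hits else 0)
```

A non-zero exit code when anything is flagged makes the script usable from an endpoint-management job. The permission heuristic is deliberately conservative: many legitimate extensions need `storage` or `<all_urls>` on their own, so only the combination that enables tab-wide collection is reported, and a name match is reported separately so that a renamed copy with the same capability set is still surfaced for review.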

