Chrome extensions are reported to be stealing AI chats

Researchers reported that two Chrome extensions impersonating AI sidebar add-ons sent users' chatbot conversations and browsing data to third-party servers, and the extensions no longer appear in the Chrome Web Store.

Two Chrome extensions that presented themselves as AI sidebar add-ons have been reported to send users' AI chatbot conversations and browsing activity to third‑party servers. Ox Security researchers identified the add-ons as impersonating legitimate AITOPIA extensions and observed the data exfiltration. The extensions appeared to carry Featured or Verified badges and showed large user counts. As of the article's publication, the extensions did not appear in the Chrome Web Store. Key findings: - Researchers reported two extensions impersonating AITOPIA sidebar add‑ons that sent AI chatbot conversations and browsing data to external servers. - The extensions displayed Featured or Verified badges and had reported large user counts. - Investigators observed that uninstalling one extension triggered the other to open a tab prompting installation; the extensions were not listed in the store at the time of reporting. Summary: The reported activity exposed AI chat and browsing data to third‑party servers, according to Ox Security researchers. Undetermined at this time.