What's Happening?
Two malicious Chrome extensions have been discovered exfiltrating users' conversations with AI models like ChatGPT and DeepSeek. These extensions, which impersonated a legitimate AITOPIA extension, were downloaded over 900,000 times. They collected sensitive data, including URLs, search queries, and session tokens, potentially exposing corporate information. The extensions were hosted on the AI-powered web development platform Lovable, which helped anonymize their activities. Users are advised to remove these extensions to prevent further data breaches.
Why It's Important?
The discovery of these malicious extensions highlights the risks associated with browser extensions and the potential for data breaches. With the increasing use of AI models in various applications, the theft of conversation data poses significant privacy and security concerns. Organizations may face corporate espionage, identity theft, and targeted phishing attacks as a result of such breaches. This incident underscores the need for users to be cautious when installing extensions and for developers to implement stricter security measures to protect user data.