Malicious Chrome Extensions Steal AI Conversations from 900,000 Users While Google Reviews Issue

Dec 30, 2025
OX Security
Article image for Malicious Chrome Extensions Steal AI Conversations from 900,000 Users While Google Reviews Issue

Summary

Malicious Chrome extensions masquerading as legitimate AITOPIA software steal ChatGPT and DeepSeek conversations from over 900,000 users, with one even earning Google's 'Featured' badge while secretly exfiltrating complete AI chats, browsing data, and search queries to remote servers every 30 minutes as Google keeps both extensions live during ongoing review.

Key Points

  • Malicious Chrome extensions impersonating legitimate AITOPIA software steal ChatGPT and DeepSeek conversations from over 900,000 users, with one extension receiving Google's 'Featured' badge despite containing data-stealing malware
  • The extensions exfiltrate complete AI conversation content, browsing URLs, and search queries to remote servers every 30 minutes while falsely claiming to only collect anonymous analytics data
  • Google confirms the issue remains under review as both malicious extensions stay live on the Chrome Web Store, potentially exposing proprietary code, business strategies, and personal information shared during AI conversations

Tags

Security Privacy Natural Language Consumer Behavior
Read Original Article