Chrome, Edge Extensions Secretly Snarf AI Chat Data

The rise of AI chatbots has brought convenience, but it’s also opened a Pandora’s Box of privacy concerns. A recent discovery reveals that certain Chrome and Edge extensions are quietly intercepting and transmitting your AI chat data to third parties, raising serious questions about browser security and data protection.

Imagine every conversation you have with ChatGPT, Gemini, or other AI assistants being recorded and shared without your explicit consent. That’s the reality for users of certain browser extensions, according to recent findings. The extensions, often posing as VPNs or utility tools, are employing aggressive techniques to siphon your data.

The core of the problem lies in the extensions’ ability to intercept network requests. According to security researcher Dardikman, the malicious extensions “wrap the original functions” of the browser’s fetch() API, which web pages use to make network requests. Because each call then passes through the wrapper first, the extension’s code can inspect and modify data flowing between your browser and the websites you visit.

Once the AI chat data is intercepted, the extension parses the API responses, packages the information, and transmits it to remote servers. In this specific instance, the data was being exfiltrated to endpoints at analytics.urban-vpn.com and stats.urban-vpn.com, both associated with Urban VPN.

The investigation points to Urban VPN, and affiliated companies like BiScience and 1ClickVPN, as being involved in this data collection scheme. Attempts to contact these companies for comment were unsuccessful, with emails to their privacy addresses bouncing back, adding to the suspicion surrounding their activities.

Limited Use Policy Abuse

A loophole in the Chrome Web Store’s policies appears to be enabling this behavior. The Limited Use policy allows extensions to transfer user data to third parties if it’s deemed “necessary to providing or improving your single purpose” or for security reasons. However, this exception is being abused by bad actors who falsely claim these exceptions to sell user data.

“Chrome Web Store appears to interpret their policies as allowing the transfer of user data, if extensions claim Limited Use exceptions through their privacy policy or other user disclosures,” wrote Wladimir Palant of Secure Annex. Unfortunately, bad actors falsely claim these exceptions to sell user data to third parties.

The immediate advice is clear: If you have any of these extensions installed, uninstall them immediately. Dardikman recommends operating under the assumption that any AI conversations you’ve had since July 2025 have been compromised.

  • Review your installed browser extensions.
  • Uninstall any VPN or utility extensions you don’t fully trust.
  • Be wary of extensions that request broad permissions.
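
As an added example (not code from the researchers or from any extension named here), the sketch below shows one way to carry out that review: it reads an extension's manifest.json and reports whether its host permissions or content scripts reach AI chat pages. The hostnames in AI_CHAT_HOSTS and both sample manifests are assumptions constructed for illustration.

```javascript
// Added example: flag manifests that give an extension access to AI chat pages.
// Hostnames are assumptions; the article names ChatGPT and Gemini only.
const AI_CHAT_HOSTS = ["chatgpt.com", "gemini.google.com"];

// True if a Chrome match pattern such as "https://*.google.com/*" covers host.
function patternCoversHost(pattern, host) {
  if (pattern === "<all_urls>") return true;
  const m = /^(\*|https?):\/\/(\*|(?:\*\.)?[^\/*]+)\//.exec(pattern);
  if (!m) return false; // API permission like "storage", or a non-web scheme
  const patHost = m[2];
  if (patHost === "*") return true;
  if (patHost.startsWith("*.")) {
    const base = patHost.slice(2);
    return host === base || host.endsWith("." + base);
  }
  return patHost === host;
}

// Checks MV3 host_permissions, MV2-style host patterns in permissions,
// and content_scripts[].matches against each AI chat host.
function auditManifest(manifest) {
  const findings = [];
  const granted = [...(manifest.host_permissions || []), ...(manifest.permissions || [])];
  for (const host of AI_CHAT_HOSTS) {
    const perms = granted.filter((p) => patternCoversHost(p, host));
    if (perms.length) findings.push({ host, source: "permissions", patterns: perms });
    for (const cs of manifest.content_scripts || []) {
      const hits = (cs.matches || []).filter((p) => patternCoversHost(p, host));
      if (!hits.length) continue;
      // world "MAIN" puts the script in the page's own JS context, the place
      // where a page's fetch() can be wrapped; treat it as higher risk.
      findings.push({ host, source: "content_script", mainWorld: cs.world === "MAIN", patterns: hits });
    }
  }
  return findings;
}

// Constructed sample manifests, not taken from any real extension.
const SAMPLE_BROAD = {
  name: "constructed-vpn-helper", manifest_version: 3,
  permissions: ["storage"], host_permissions: ["<all_urls>"],
  content_scripts: [{ matches: ["*://*/*"], js: ["inject.js"], world: "MAIN" }],
};
const SAMPLE_NARROW = {
  name: "constructed-notes-tool", manifest_version: 3,
  permissions: ["storage"], host_permissions: ["https://notes.example/*"],
};

for (const m of [SAMPLE_BROAD, SAMPLE_NARROW]) {
  console.log(m.name, JSON.stringify(auditManifest(m)));
}
```

A finding shows reach, not misuse: many legitimate extensions request broad host access, and a content script without `world: "MAIN"` can still inject code into the page.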

This incident highlights the growing challenges of maintaining privacy in an era of increasingly sophisticated data collection techniques. As AI becomes more integrated into our daily lives, it’s crucial to remain vigilant about the security and privacy implications of the tools we use. The incident also underscores the need for stricter enforcement of browser extension policies and greater transparency from extension developers.

The future of online privacy hinges on our ability to hold tech companies accountable and demand greater control over our personal data. This latest breach serves as a stark reminder that the responsibility for safeguarding our information ultimately rests with each of us.