Cybersecurity researchers have identified two highly malicious Chrome extensions that successfully compromised the data of over 900,000 users. These extensions were explicitly designed to exfiltrate confidential user conversations conducted on popular AI platforms, specifically OpenAI ChatGPT and DeepSeek AI, transmitting the data alongside general browsing activity to attacker-controlled servers.
One of the implicated extensions was named “Chat GPT for Chrome with GPT-5, Claude Sonnet & DeepSeek AI,” masquerading as a tool offering advanced functionality for major AI models.
This incident underscores the inherent danger of granting extensive permissions to third-party tools in the pursuit of convenience, especially as AI adoption accelerates. For Web3 users, the threat posed by compromised browser extensions is magnified, as the browser environment is crucial for sensitive operations such as wallet interactions and transaction signing. Extensions, by nature, possess deep access to the browser, making them ideal vectors for surveillance and data theft.
As Web3 security specialists, we urge all users to critically vet the developer reputation of any extension installed and strictly adhere to the Principle of Least Privilege. Maintaining the integrity of your browser environment remains the frontline defense for protecting digital assets and sensitive communications.
Source: Two Chrome Extensions Caught Stealing ChatGPT and DeepSeek Chats from 900,000 Users
コメント