Cybersecurity researchers have discovered two new malicious extensions on the Chrome Web Store that were designed to exfiltrate OpenAI ChatGPT and DeepSeek conversations, along with browsing data, to servers under the attackers’ control. These extensions collectively boasted over 900,000 users. One of the identified extensions is named “Chat GPT for Chrome with GPT-5, Claude Sonnet & DeepSeek AI.” Given that AI chat services often contain sensitive professional discussions and personal data, this data exfiltration poses an extremely serious security risk. Users must exercise extreme caution, even on the Chrome Web Store, by strictly verifying the extension provider and the permissions requested, and avoiding suspicious AI-related tools.
Malicious Chrome Extensions Steal ChatGPT and DeepSeek Chats, Affecting Over 900,000 Users
News
コメント