"A Google Chrome extension with a "Featured" badge and six million users has been observed silently gathering every prompt entered by users into artificial intelligence (AI)-powered chatbots like OpenAI ChatGPT, Anthropic Claude, Microsoft Copilot, DeepSeek, Google Gemini, xAI Grok, Meta AI, and Perplexity. The extension in question is Urban VPN Proxy, which has a 4.7 rating on the Google Chrome Web Store."
"Once the script is injected, it overrides the browser APIs used to handle network requests - fetch() and XMLHttpRequest() - to make sure that every request is first routed through the extension's code so as to capture the conversation data, including users' prompts and the chatbot's responses, and exfiltrate them to two remote servers ("analytics.urban-vpn[.]com" and "stats.urban-vpn[.]com")."
"The exact list of data captured by the extension is as follows - Prompts entered by the user Chatbot responses Conversation identifiers and timestamps Session metadata AI platform and model used"
Urban VPN Proxy, a Chrome extension with a "Featured" badge and roughly six million users (4.7 rating), also has about 1.3 million installations on Microsoft Edge. Version 5.5.0, released July 9, 2025, enabled AI data harvesting by default using hard-coded settings. A tailored executor JavaScript (e.g., chatgpt.js, claude.js, gemini.js) injects into targeted AI chatbot pages and overrides fetch() and XMLHttpRequest() to route requests through the extension, capturing prompts, responses, conversation IDs, timestamps, session metadata, and platform/model information, then exfiltrating the data to analytics.urban-vpn[.]com and stats.urban-vpn[.]com.
Read at The Hacker News
Unable to calculate read time
Collection
[
|
...
]