Chrome, Edge Extensions Caught Stealing ChatGPT Sessions

Marketed as ChatGPT enhancement and productivity tools, the extensions allow the threat actor to access the victim’s ChatGPT data.

A threat actor has created 16 browser extensions to steal users’ ChatGPT sessions and published them to the official Chrome and Edge stores, LayerX reports.

Banking on the increased adoption of AI-powered browser extensions that fulfill users’ productivity needs, the threat actor published 15 extensions to the Chrome Web Store and one to the Microsoft Edge Add-ons marketplace.

Marketed as ChatGPT enhancement and productivity tools, the extensions have a combined download count of over 900, and they were still available through the official marketplaces as of January 26, LayerX says.

The tools were designed to intercept users’ ChatGPT session authentication tokens and send them to a remote server, but they don’t exploit ChatGPT vulnerabilities to do so.

Instead, they inject a content script into chatgpt.com and execute it ...