Chrome Extensions With 900,000 Downloads Caught Stealing AI Chats
securityweek

Impersonating a legitimate extension from AITOPIA, the two malicious extensions were also exfiltrating users’ browser activity.


Two malicious Chrome extensions were observed exfiltrating browser data and users’ conversations with ChatGPT and DeepSeek, OX Security reports.
Impersonating a legitimate extension from AITOPIA, the two extensions gathered over 900,000 downloads, potentially impacting as many users.
The applications, called ‘Chat GPT for Chrome with GPT-5, Claude Sonnet & DeepSeek AI’ and ‘AI Sidebar with Deepseek, ChatGPT, Claude and more’, are no longer available in the Chrome Web Store.
According to OX Security, the extensions were abusing the AI-powered web development platform Lovable to host infrastructure components and anonymize their activity.
The legitimate AITOPIA extension they were impersonating allows users to chat with popular LLM models through a sidebar on top of visited websites.
The malicious applications copied the legitimate extension and added code that requested user consent to harvest “anonymous, non-identifiable analytics ...
Copyright of this story solely belongs to securityweek.

