Malicious Extensions Steal Your Chat Histories!

What Happened

Imagine chatting with an AI assistant, only to find out that someone is secretly listening in. Malicious AI browser extensions have been discovered that harvest chat histories^? and browsing data from popular platforms like ChatGPT and DeepSeek. With nearly 900,000 installs and activity across more than 20,000 enterprise tenants, this campaign reveals a serious threat lurking in your browser.

These extensions, designed to look harmless, have been quietly collecting sensitive information. Users installed them thinking they were helpful tools, but instead, they became unwitting participants in a data theft operation. The implications of this breach are staggering, especially for businesses that rely on AI for sensitive communications.

Why Should You Care

You might think, "I don’t use these extensions, so I’m safe." But think again! If you or your company use AI tools, your data could still be at risk. Just like leaving your front door unlocked invites unwanted guests, installing unverified browser extensions^? can expose your personal and professional information to cybercriminals^?.

Your chat histories, passwords, and browsing habits could be compromised. This isn’t just a tech issue; it’s a personal one. If your data gets into the wrong hands, it could lead to identity theft or financial loss. Protecting your information should be a top priority.

What's Being Done

Cybersecurity experts are on high alert. They are investigating the extent of the damage and working on solutions to mitigate the risks. Here’s what you can do right now:

• Remove any suspicious browser extensions from your devices immediately.
• Change your passwords for any accounts that may have been accessed.
• Monitor your accounts for unusual activity.

Experts are keeping a close eye on the situation, looking for patterns in the data stolen and how to prevent similar attacks in the future. Stay informed and vigilant to protect yourself from these evolving threats.