Chrome Extension with 6 Million Users Caught Secretly Harvesting and Selling AI Chat Data

Security researchers discovered that 'Urban VPN,' a Google Chrome extension with a 'Featured' badge, was secretly collecting and selling all prompts entered into major AI chatbots including ChatGPT, Claude, and Gemini.

Overview

Security research firm Koi revealed on December 15 that “Urban VPN,” a browser extension with a “Featured” badge on the Google Chrome Web Store and over 6 million users, had been secretly collecting all user prompts sent to AI chatbots.

Targeted AI Services

The following major AI chatbots were affected:

  • OpenAI ChatGPT
  • Anthropic Claude
  • Google Gemini
  • Microsoft Copilot
  • xAI Grok
  • DeepSeek
  • Meta AI
  • Perplexity

How It Worked

Data Collection Methods

Starting with version 5.5.0 released on July 9, 2025, AI data harvesting was enabled by default through hard-coded settings. This functionality:

  • Collected every prompt users entered into AI chatbots
  • Captured AI responses as well
  • Sold collected data to third parties

The Fake “AI Protection” Feature

Ironically, Urban VPN advertised an “AI protection” feature on its extension page, claiming to provide:

  • Personal data detection in prompts
  • Suspicious link detection in chatbot responses
  • User warnings before submission

In reality, these features served as a pretext to intercept AI communications and harvest data.

Security Expert Warnings

Trust Issues with Extension Marketplaces

The Hacker News noted that this case “demonstrates how trust associated with extension marketplaces can be abused to amass sensitive data at scale.”

The risk is particularly serious as AI chatbot usage grows and users increasingly share personal information, seek advice, and discuss emotional topics with AI assistants.

Gartner’s Recommendations

Research firm Gartner published a report last week warning that “AI browsers are too risky for general adoption by most organizations.” They recommended that Chief Information Security Officers (CISOs) “block all AI browsers in the foreseeable future to minimize risk exposure.”

Affected User Count

  • Chrome extension: Over 6 million users
  • Microsoft Edge Add-ons: Over 2 million users
  • Total: More than 8 million users affected

Recommended Actions

  1. Immediately uninstall the Urban VPN extension
  2. Change passwords for AI chatbot services
  3. Review sensitive information shared in past AI conversations
  4. Audit and remove unnecessary browser extensions
  5. Don’t trust extensions unconditionally, even with “Featured” badges
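
For step 4, one way to see which installed extensions can read AI chat pages is to check each manifest's host permissions and content-script match patterns; this is an added example, not code from the article or from Koi's research. The hostnames in `AI_HOSTS` and the function names are assumptions, and a hit only shows that an extension has access to a page, not that it collects anything.

```python
import json
import re
from pathlib import Path

# Assumed hostnames for the services named in the article (not taken from it).
AI_HOSTS = ["chatgpt.com", "claude.ai", "gemini.google.com", "copilot.microsoft.com",
            "grok.com", "chat.deepseek.com", "www.meta.ai", "www.perplexity.ai"]

def pattern_hosts(pattern):
    """Return the AI hosts that one extension match pattern covers."""
    m = re.match(r"^(\*|https?|wss?)://([^/]+)/", pattern)
    if pattern == "<all_urls>" or (m and m.group(2) == "*"):
        return list(AI_HOSTS)
    if not m:
        return []  # API permission name ("storage") or a non-web scheme
    host = m.group(2)
    if host.startswith("*."):  # wildcard covers the base domain and its subdomains
        return [h for h in AI_HOSTS if h == host[2:] or h.endswith(host[1:])]
    return [h for h in AI_HOSTS if h == host]

def audit_manifest(manifest):
    """Map each reachable AI host to the manifest keys that grant access to it."""
    sources = {"host_permissions": manifest.get("host_permissions", []),  # Manifest V3
               "permissions": manifest.get("permissions", [])}  # MV2 keeps host patterns here
    for i, cs in enumerate(manifest.get("content_scripts", [])):
        sources[f"content_scripts[{i}]"] = cs.get("matches", [])
    findings = {}
    for key, patterns in sources.items():
        for p in (p for p in patterns if isinstance(p, str)):
            for h in pattern_hosts(p):
                findings.setdefault(h, set()).add(key)
    return findings

def audit_profile(extensions_dir):
    """Scan <profile>/Extensions/<id>/<version>/manifest.json and report flagged extensions."""
    report = {}
    for path in sorted(Path(extensions_dir).glob("*/*/manifest.json")):
        manifest = json.loads(path.read_text(encoding="utf-8-sig"))
        findings = audit_manifest(manifest)
        if findings:
            report[path.parent.parent.name] = {
                "name": manifest.get("name", "?"), "version": manifest.get("version", "?"),
                "hosts": {h: sorted(keys) for h, keys in sorted(findings.items())}}
    return report

if __name__ == "__main__":
    import sys
    if len(sys.argv) > 1:
        print(json.dumps(audit_profile(sys.argv[1]), indent=2))
```

Run it with the path to a browser profile's `Extensions` directory as the only argument; extensions flagged through `<all_urls>` or `*://*/*` are the ones to review first.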

Implications

This incident highlights the need for stronger security review processes for browser extensions. Google’s “Featured” badge was perceived as a guarantee of quality and safety, but this case raises serious questions about that assumption.