Subscribe to the Non-Human & AI Identity Journal

Forums
The Non-Human & AI ...
General NHI, AI & I...
900K Users Affected...
 
Notifications
Clear all

900K Users Affected by Malicious AI Chrome Extensions

 
    Last Post
  RSS

 Astrix Security
(@astrix)
Estimable Member
Joined: 1 year ago
Posts: 78
Topic starter 08/01/2026 5:49 pm  

Executive Summary

Over 900,000 users were compromised by malicious AI Chrome extensions posing as a legitimate product called AITOPIA, which stole sensitive data including ChatGPT conversations and browsing history. Affected users relied on these extensions for their functionality, unaware of the data theft occurring every 30 minutes. Crucially, Astrix Security identified and flagged these threats early, helping 85% of its customers remove the extensions before further damage could occur. This incident highlights significant security implications for browser-based AI tools.

👉 Read the full article from Astrix Security here for comprehensive insights.

Key Insights

1. Malicious Extensions Overview

  • Two Chrome extensions marketed as AI sidebars were discovered to exfiltrate user data.
  • These extensions had collectively accrued around 900,000 installations, misleading users about their legitimacy.
  • One extension even held a Google “Featured” badge, boosting its perceived trustworthiness.

2. Mechanism of Data Theft

  • The extensions functioned normally as advertised but secretly captured sensitive data every 30 minutes.
  • Collected data included ChatGPT and DeepSeek conversations along with all open-tab URLs.
  • Data was sent to attacker-controlled infrastructure, posing severe privacy risks.

3. Astrix Security’s Proactive Measures

  • Astrix Security identified the high-risk extensions early, warning customers about their connections to an untrusted vendor.
  • As a result, 85% of affected users removed the extensions proactively after receiving alerts.
  • This response exemplifies the importance of security vigilance in the evolving landscape of AI tools.

4. Implications for Browser Security

  • This incident serves as a critical reminder for security teams to reconsider the risks associated with AI helper tools in browsers.
  • Organizations must adopt robust monitoring and detection strategies to safeguard against similar threats in the future.

👉 Access the full expert analysis and actionable security insights from Astrix Security here.



   
Quote
Topic Tags
Astrix Security Malicious AI Chrome Extensions Data Theft AITOPIA
Forum Jump:
  Previous Topic
Next Topic  
Related Topics
Topic Tags:  Astrix Security (58) , Malicious AI (1) , Chrome Extensions (1) , Data Theft (2) , AITOPIA (1) ,
Share:

#1 Authority in NHI Education, Research and Advisory, empowering organizations to tackle the critical risks posed by Non-Human Identities (NHIs), including AI Agents.

Get in Touch

Quick Links

Legal & Policies

©2025 NHIMG. All right reserved.