Free Google Chrome extension collects and commercializes (with the permission of six million users) private conversations with chatbots such as ChatGPT, Claude, Gemini, DeepSeek and Grok.
A recent investigation by Tel Aviv-based cybersecurity firm Koi accuses a free Google Chrome extension of Urban VPN Proxyto collect and market private user conversations with artificial intelligence chatbots, including ChatGPT, Claude, Spirit, DeepSeek e Grok.
According to researcher Idan Dardikman, the extension, which would be approximately six million usersincorporates “executor” scripts designed to intercept and capture content generated on AI platforms. The collection would cover “everything a user could ask” a chatbot, including medical questions, financial data, proprietary code and personal dilemmas, with subsequent sale for “marketing analytics” purposes.
The report describes how the extension would continue to collect data regardless of whether the VPN service was active or not. Furthermore, the collection mechanism would be on by default, meaning that, From the moment the extension is installed, conversations with AI assistants are potentially exposed. According to the note cited by the company, there would be no visible option for the user to deactivate the collection. According to this description, the only way to stop the process would be to uninstall the extension.
The company behind Urban VPN Proxy, Urban Cyber Security Inc, would not hide data sharing, according to the investigation. The privacy policy explicitly mentioned that the company shares “browsing data” with an affiliate, the data broker BiSciencewhich would transform raw information into “insights” for commercial use and sharing with partners.
In parallel, the extension’s page on the Chrome Web Store would display messages that, according to the report, conflict with these practices, indicating that the data would not be sold to third parties outside of “approved use cases” and would not be used for purposes unrelated to the main functionality.
Forbes states that there would be seven more applications from the same publisher, totaling more than two million customers, with identical AI conversation collection features. Almost all of them would display the “featured” badge in the Chrome store.
Dardikman recommends that users with these extensions installed remove them immediately and assume that AI conversations since July may have been captured and shared.
To confirm whether you have the said extension installed on Chrome, type “chrome://extensions/” in the address bar in Chrome and search to see activated/disabled extensions.
