Installing browser tools that promise to improve your experience can feel harmless. Yet security experts have revealed a troubling campaign in which more than 300,000 users installed Chrome extensions that pretended to be AI assistants. Instead of offering help, these impostors covertly gathered sensitive data such as emails, passwords, and browsing patterns.
The extensions used names you might recognize, such as ChatGPT and AI Assistant. If you use Chrome and have added any AI-related extensions, it's possible your personal details are already at risk. Alarmingly, some of these harmful extensions are still accessible online, exposing even more users to potential dangers without their awareness.
What to Know About Fake AI Extensions
Researchers from LayerX discovered about 30 fraudulent Chrome extensions disguised as AI helpers, racking up more than 300,000 installations among unsuspecting users. Some of the popular ones included AI Sidebar (70,000 users) and AI Assistant (60,000 users), among others.
These extensions were made available through the official Chrome Web Store, which made them seem legitimate. But many of these tools linked back to the same shady servers, suggesting a coordinated scheme. While some extensions have been removed, others remain on the market. This means new users might still be installing them, inadvertently leaking their personal information. Here’s a list of the known malicious extensions:
- AI Assistant
- Llama
- Gemini AI Sidebar
- AI Sidebar
- ChatGPT Sidebar
- Grok
- Ask a Question to ChatGPT
- Chat GBT
- Chatbot GPT
- Grok Chatbot
- Chat with Gemini
- Zai
- Google Gemini
- Ask Gemini
- AI Letter Generator
- AI Message Generator
- AI Translator
- AI for Translation
- AI Cover Letter Generator
- AI Image Generation ChatGPT
- AI Wallpaper Generator
- AI Picture Generator
- Deep Seek Download
- AI Email Writer
- Email Generation AI
- Deep Seek Chat
- ChatGPT Image Generator
- Chat GPT Translation
- AI GPT
- ChatGPT for Gmail
How Fake AI Chrome Extension Attacks Work
These fraudulent extensions mask themselves as helpful tools, offering features like text translation or email summaries, but behind the scenes, they monitor your online activity.
When installed, these extensions can access the websites you visit. This enables them to read the content on those pages, including any login information you enter. Some even target Gmail, allowing them to read your emails and access drafts. That means attackers could potentially view your private conversations and sensitive financial details.
The information gathered is then transmitted to servers managed by the attackers. Because the extension's content is loaded remotely from those servers, the attackers can alter how the extension works without needing to modify the extension itself. Some versions of these tools even have audio capabilities that could capture nearby conversations and send those recordings back to the attackers.
If you’ve installed any of these extensions, your sensitive data could be compromised—everything from email content to login credentials and potentially audio recordings.
When contacted, a Google spokesperson confirmed that all of the extensions mentioned have been removed from the Chrome Web Store.
7 Ways to Protect Yourself from Malicious Chrome Extensions
If you have installed any AI-related Chrome extensions, there are steps you can take to protect your account and mitigate any damage.
1) Remove Suspicious or Unused Browser Extensions
Open Chrome and enter chrome://extensions in the address bar. Review the extensions you have installed. If you find something you don’t recognize, especially any AI tools you don’t recall adding, remove it immediately. Malicious extensions thrive on going unnoticed.
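As an added example (not from the original article or from LayerX), the Python script below automates this review: it reads each installed extension's manifest.json and flags names from the list above, along with the all-sites and Gmail access described earlier. The function names, finding messages and SAMPLE manifest are constructed for illustration.

```python
import json
from pathlib import Path

# Names from the article's list. A match is only a prompt to look closer,
# because extension names are not unique.
LISTED_NAMES = {n.strip().lower() for n in """
AI Assistant|Llama|Gemini AI Sidebar|AI Sidebar|ChatGPT Sidebar|Grok|Chat GBT|Zai|
Ask a Question to ChatGPT|Chatbot GPT|Grok Chatbot|Chat with Gemini|Google Gemini|
Ask Gemini|AI Letter Generator|AI Message Generator|AI Translator|AI for Translation|
AI Cover Letter Generator|AI Image Generation ChatGPT|AI Wallpaper Generator|
AI Picture Generator|Deep Seek Download|AI Email Writer|Email Generation AI|
Deep Seek Chat|ChatGPT Image Generator|Chat GPT Translation|AI GPT|ChatGPT for Gmail
""".replace("\n", "").split("|")}
BROAD = {"<all_urls>", "*://*/*", "http://*/*", "https://*/*"}  # match every site

def audit_manifest(manifest):
    """Return a list of findings for one parsed manifest.json."""
    pats = list(manifest.get("host_permissions", []))      # Manifest V3
    pats += [p for p in manifest.get("permissions", [])    # V2 mixes URL patterns in
             if isinstance(p, str) and ("://" in p or p == "<all_urls>")]
    for cs in manifest.get("content_scripts", []):         # injected page scripts
        pats += cs.get("matches", [])
    findings = []
    if str(manifest.get("name", "")).strip().lower() in LISTED_NAMES:
        findings.append("name is on the article's list")
    if any(p in BROAD for p in pats):
        findings.append("can read every site you visit")
    if any("mail.google.com" in p for p in pats):
        findings.append("can read Gmail pages")
    return findings

def scan_profile(ext_dir):
    """Audit every <ext_dir>/<id>/<version>/manifest.json; return flagged ones."""
    report = {}
    for mf in Path(ext_dir).glob("*/*/manifest.json"):
        try:
            manifest = json.loads(mf.read_text(encoding="utf-8-sig"))
        except (OSError, ValueError):
            continue  # unreadable or malformed manifest: skip it
        findings = audit_manifest(manifest)
        if findings:
            report[mf.parent.parent.name] = (manifest.get("name", ""), findings)
    return report

# Constructed sample manifest (not a real extension) for a quick self-check.
SAMPLE = {"manifest_version": 3, "name": "AI Sidebar",
          "host_permissions": ["<all_urls>"],
          "content_scripts": [{"matches": ["https://mail.google.com/*"]}]}
if __name__ == "__main__":
    print(audit_manifest(SAMPLE))
```

Point `scan_profile` at the `Extensions` folder inside your Chrome profile (the profile path is shown on chrome://version; on Linux it is typically `~/.config/google-chrome/Default`). Names stored as `__MSG_...__` locale placeholders are not resolved here, so rely on the permission findings for those extensions.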
2) Change Your Password
If you’ve installed a dubious extension, it’s wise to change your password. Start with your email, as it connects to other accounts. Follow up by updating passwords for banking and social media platforms, preventing potential break-ins using stolen credentials.
3) Use Strong Passwords with a Password Manager
Password managers create unique passwords for each account and keep them secure. This helps limit the damage if one password is compromised. They can also notify you if your credentials appear in a data breach, enabling you to take prompt action.
4) Have Strong Antivirus Software
Good antivirus software can detect harmful extensions and prevent hidden threats. Regularly scan your system to identify suspicious activities and block malicious programs before they can do any damage.
5) Consider Identity Theft Protection Services
These services monitor your personal data for signs of misuse and alert you immediately if someone attempts to use your information fraudulently. Early detection can mitigate significant risks to your finances and personal identity.
6) Keep Your Browser and Computer Updated
Software updates often fix security vulnerabilities that attackers exploit. Enable automatic updates on your operating system and browser to ensure you’re always equipped with the latest protections.
7) Use Data Deletion Services
These services help you remove personal data from websites that collect and sell such information. With less public data, the chances of attackers successfully using your information diminish.
It’s essential to regularly evaluate your browser extensions, remove anything questionable, and use protective tools like password managers and antivirus software to reduce your vulnerability. Have you checked your extensions recently? What are your thoughts on this issue?

