ChatGPT Users Vulnerable to Data Breach via Malicious Browser Extensions

Post Views: 10

Data Theft Operation Targets ChatGPT Users Via Malicious Browser Extension

A recent discovery has shed light on a sophisticated data theft operation targeting users of the popular AI platform ChatGPT.

According to reports, a malicious Chrome extension masquerading as an ad blocker has been identified as the culprit, capturing user conversations and transmitting sensitive data to attackers via Discord.

The extension, titled “ChatGPT Ad Blocker,” was available on the Google Chrome Web Store until February 10, 2026, despite its deceptive intentions.
Investigators found that the extension employed a technique called DOM cloning to isolate and extract user-generated text, including conversation data and metadata.
Once extracted, the extension transmitted entire conversations to a private Discord channel, where a bot named “Captain Hook” collected and stored the data for later access by attackers.
To maintain persistence and evade detection, the extension continuously checked a GitHub file for updated instructions, allowing attackers to modify their tactics remotely.

The developer behind the extension, operating under the online alias “krittinkalra,” has ties to other AI platforms, including Writecream and AI4ChatCo, which boast user bases exceeding 1.5 million individuals. Although no concrete evidence links these platforms to the data theft operation, their association raises concerns about potential vulnerabilities within the broader AI ecosystem.

Safety Measures and Recommendations

Security experts warn that this incident highlights the risks associated with relying on third-party tools to manage advertisements on AI platforms. The extension’s ability to exploit OpenAI’s recent introduction of ads for free-tier users underscores the importance of users relying solely on official platform settings to manage advertisements.

DomainTools advises users to exercise caution when downloading extensions or any other software that claims to enhance their browsing experience. Instead, they recommend utilizing built-in browser features to manage advertisements and avoid compromising sensitive data.

As the use of AI platforms continues to grow, security researchers emphasize the need for increased vigilance and awareness among users regarding potential threats and exploits targeting these services. By staying informed and adopting best practices for secure browsing, users can mitigate risks and protect their sensitive information from falling into the wrong hands.