Google—Malicious Chrome extensions in Web Store stole private AI chatbot conversations from 900,000 users
A widespread malware campaign abused Google's Chrome Web Store for months, exposing private AI chatbot conversations and browsing data from roughly 900,000 users. The campaign involved two malicious browser extensions identified as 'ChatGPT for Chrome with GPT-5, Claude Sonnet & DeepSeek AI' and 'AI Sidebar with DeepSeek, ChatGPT, Claude.' The extensions remained available in the Chrome Web Store despite the security vulnerabilities.
Scoring Impact
| Topic | Direction | Relevance | Contribution |
|---|---|---|---|
| AI Safety | -against | secondary | -0.50 |
| Data Security | -against | primary | -1.00 |
| User Privacy | -against | primary | -1.00 |
| Overall incident score = | -0.357 | ||
Score = avg(topic contributions) × significance (high ×1.5) × confidence (0.57)× agency (negligent ×0.5)
Evidence (1 signal)
Malicious Chrome extensions hosted in Web Store for months exposed 900,000 users' AI chatbot data
A widespread malware campaign abused Google's Chrome Web Store for months, exposing private AI chatbot conversations and browsing data from roughly 900,000 users. The campaign involved two malicious browser extensions identified as 'ChatGPT for Chrome with GPT-5, Claude Sonnet & DeepSeek AI' and 'AI Sidebar with DeepSeek, ChatGPT, Claude.' The extensions remained available in the Chrome Web Store despite the security vulnerabilities, demonstrating inadequate vetting of extensions.