
Security researchers have uncovered a massive data harvesting operation hidden within popular browser extensions, affecting over eight million users.
Urban VPN Proxy, a “featured” extension on the Chrome Web Store with over six million users and a 4.7-star rating, is at the centre of the scandal for secretly stealing full conversations from ten major AI platforms, including ChatGPT, Gemini, Claude, and Microsoft Copilot.
The investigation found the same malicious code in seven other extensions from the same publisher, such as 1ClickVPN Proxy, Urban Browser Guard, and Urban Ad Blocker. Across both Microsoft Edge and Google Chrome, these extensions target AI platforms like Perplexity, DeepSeek, Grok, and Meta AI to capture sensitive user data.
The theft is highly invasive. The extensions inject an executor script into AI web pages to override native browser functions. This allows the script to intercept all network traffic, parsing API requests to extract every prompt, AI response, timestamp, conversation ID, and session metadata. This data is then compressed and transmitted to Urban VPN’s servers.
Alarmingly, the harvesting runs continuously in the background, regardless of whether the VPN is active or what the user-facing settings are.
The functionality has been present since version 5.5.0, released on July 9, 2025. All conversations since that date should be considered compromised.
Urban VPN is operated by Urban Cyber Security Inc., which is affiliated with the data broker BiScience. The collected data is reportedly being sold for marketing analytics purposes. Experts urge anyone using these extensions to uninstall them immediately.
The incident serves as a stark reminder that high ratings and “Featured” badges are not guarantees of safety, and users should audit all third-party browser extensions for potential privacy risks.
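A starting point for the audit recommended above, as an added example that is not from the researchers or the publisher: it walks a Chromium-style `Extensions` directory and reports installed extensions whose display name matches one named in this article. It assumes the usual on-disk layout `Extensions/<id>/<version>/manifest.json`; matching is by name because the article lists no extension IDs, and the function and field names are illustrative.

```python
import json
import re
from pathlib import Path

# Extension names as reported in the article; matched by display name
# because the article gives no extension IDs.
REPORTED = {"urban vpn proxy", "1clickvpn proxy",
            "urban browser guard", "urban ad blocker"}
FIRST_HARVESTING_VERSION = (5, 5, 0)  # version the article cites for Urban VPN


def _display_name(ext_dir: Path, manifest: dict) -> str:
    """Resolve a localized "__MSG_key__" name via _locales/<default_locale>."""
    name = str(manifest.get("name", ""))
    m = re.fullmatch(r"__MSG_(\w+)__", name)
    if not m:
        return name
    locale = manifest.get("default_locale", "en")
    try:
        msgs = json.loads((ext_dir / "_locales" / locale / "messages.json")
                          .read_text(encoding="utf-8-sig"))
    except (OSError, ValueError):
        return name  # cannot resolve: fall back to the raw placeholder
    for key, entry in msgs.items():  # message keys are case-insensitive
        if key.lower() == m.group(1).lower() and isinstance(entry, dict):
            return str(entry.get("message", name))
    return name


def audit_extensions(extensions_root: Path) -> list:
    """Return one finding per installed extension whose name is in REPORTED."""
    findings = []
    for manifest_path in sorted(extensions_root.glob("*/*/manifest.json")):
        try:
            manifest = json.loads(manifest_path.read_text(encoding="utf-8-sig"))
        except (OSError, ValueError):
            continue  # unreadable or malformed manifest: skip it
        name = _display_name(manifest_path.parent, manifest)
        if name.strip().lower() not in REPORTED:
            continue
        version = str(manifest.get("version", ""))
        nums = tuple(int(p) for p in re.findall(r"\d+", version))
        findings.append({
            "id": manifest_path.parent.parent.name,
            "name": name,
            "version": version,
            "since_5_5_0": nums >= FIRST_HARVESTING_VERSION,
        })
    return findings
```

Run `audit_extensions` against each browser profile's `Extensions` directory, for both Chrome and Edge. An empty result only means none of the four names listed here is installed; the article says seven other extensions carry the same code and names only three of them.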

