A malicious VPN service was discovered stealing full ChatGPT and Google Gemini conversations, elevating main considerations about browser extension privateness and AI information security.
Widespread VPN extension caught harvesting AI conversations
A latest investigation revealed that the VPN extension City VPN Proxy secretly logged full browser visitors, together with personal conversations with main AI platforms. The affected providers embody ChatGPT, Claude, Google Gemini, Microsoft Copilot, Perplexity, DeepSeek, Grok (xAI), and Meta AI.
Regardless of carrying a 4.7-star score from 58.5K critiques and reaching over six million customers, the extension uncovered delicate information from greater than eight million customers worldwide. Google even featured the extension, which elevated person belief and adoption.
How City VPN stole ChatGPT and Gemini information
City VPN collected information by injecting an executor script straight into the webpages of focused AI platforms. The script overrode native browser capabilities, which allowed it to intercept all community visitors between customers and AI providers.
The extension captured:
- Each AI immediate and response
- Dialog IDs and timestamps
- Session-level metadata
After extraction, the script compressed the information and transmitted it to City VPN servers. Data harvesting ran constantly within the background and labored even when the VPN was turned off or person settings had been unchanged.
All conversations since July 2025 are compromised
The malicious performance appeared in City VPN model 5.5.0, launched on July 9, 2025. Any AI conversations carried out since that date needs to be handled as compromised.
City VPN is affiliated with BiScience, a knowledge dealer firm. Studies point out that the harvested information was collected and bought for advertising and marketing analytics functions.
Different extensions affected
City VPN was not the one extension concerned. Investigators discovered the identical data-harvesting code in:
- 1ClickVPN Proxy
- City Browser Guard
- City Advert Blocker
Customers operating any of those extensions ought to take away them instantly and overview their on-line accounts for potential publicity.
Many customers depend on AI chats for personal duties akin to writing code, planning tasks, or discussing delicate matters. This incident reveals how browser extensions can silently intercept AI conversations with out clear consent.
The findings spotlight the significance of auditing browser extensions often and avoiding VPN instruments with unclear data-collection practices.
In different information, ChatGPT can now edit photographs and PDF recordsdata, so should you eliminated the malicious extension, go give it a attempt.
Through Neowin
Milan Stanojevic
Earlier than becoming a member of WindowsReport, he labored as a front-end net developer. Now, he is one of many Troubleshooting specialists in our worldwide group, specializing in Home windows errors & software program points.
Readers assist help Home windows Report. We could get a fee should you purchase by means of our hyperlinks.
Learn our disclosure web page to seek out out how will you assist Home windows Report maintain the editorial group. Learn extra
