In accordance with Koi Safety’s findings, city VPN injects scripts that activate at any time when customers work together with fashionable AI platforms, capturing each prompts and responses, even when VPN options are disabled.
Hidden scripts in “privateness” armor
Aside from providing a VPN service, City VPN Proxy deployed “executor” scripts that activate when a consumer opens AI chat platforms like ChatGPT, Claude, Gemini, Perplexity, Grok, and others. “Every platform has its personal devoted script-chatgpt.js, claude.js, gemini.js, and so forth,” Koi researchers stated in a weblog put up.
These scripts override key browser community APIs to intercept every part a consumer sorts and receives, package deal it, and ship it off to City VPN’s backend techniques. The underlying code constantly displays AI dialog content material and associated metadata, and uploads it no matter VPN use.
The Chrome extension carries excessive scores and a “Featured” badge by Google, giving customers an implicit belief sign, the researchers famous. “The badge from Google means it had handed handbook overview and met what Google describes as a excessive normal of consumer expertise and design,” they stated.
