Breaking: AI Browser Extensions Found Siphoning User Data
Security researchers at Unit 42 have uncovered a wave of malicious AI-powered browser extensions that are silently stealing sensitive user data. These add-ons, disguised as helpful writing or productivity tools, actually intercept prompts, exfiltrate passwords, and harvest emails.
“These extensions look legitimate—they promise to help you draft emails or summarize text—but once installed, they send your keystrokes and login credentials to remote servers,” said Dr. Elena Torres, principal threat researcher at Unit 42. “Users are unknowingly handing over the keys to their digital lives.”
The discovery comes amid a surge in AI-enabled browser add-ons, with millions of downloads across major web stores. Unit 42’s analysis reveals that many of these extensions abuse permissions granted during installation to read every webpage a user visits.
Background: How the Scam Works
The malicious extensions often masquerade as grammar checkers, email assistants, or AI writing companions. Once activated, they bypass browser security by requesting broad access to “read and change all data on websites.”
Unit 42’s report, published Tuesday, details how these tools intercept API calls to popular AI services, capturing both user prompts and responses. Passwords entered into login forms are also logged and sent to command-and-control servers.
“In some cases, the extensions even inject hidden code to steal two-factor authentication tokens,” said Marcus Chen, a senior engineer at the cybersecurity firm. “This is a full-blown credential harvesting operation dressed up as a convenience tool.”
What This Means for Users
For everyday internet users, the risk is immediate. Anyone who installed an AI extension to help with writing, scheduling, or email management could have their data compromised—including corporate employees handling sensitive information.
“We strongly recommend auditing your browser extensions now,” urged Dr. Torres. “Remove any AI tools you don’t fully trust, especially those that request broad permissions or were recently updated without clear changelogs.”
Unit 42 has published a list of identified malicious extensions on its threat intelligence portal. The team advises users to stick to well-known, open-source alternatives and to avoid granting permissions that aren’t essential for a tool’s stated function.
What Comes Next
Browser vendors have been notified and are reviewing the flagged extensions for removal. However, the cat-and-mouse game continues. “Attackers will keep repackaging these threats under new names,” warned Mr. Chen. “Users must remain vigilant and question any free tool that promises AI magic without a proven track record.”
Unit 42 is urging organizations to enforce extension allowlists and use endpoint detection tools that can flag unusual network traffic from browser plugins. For now, the safest bet is to disable all AI extensions until they can be verified.
How to Protect Yourself
- Review permissions—If an extension asks for access to “all data on every site,” think twice.
- Stick to official sources—Avoid downloading add-ons from third-party or unofficial stores.
- Monitor account activity—Check for unexpected logins or password reset emails.
- Use a password manager—It can help detect if credentials are being sent to unknown servers.
The full technical report from Unit 42 is available on their research blog. For ongoing updates, follow their threat intelligence feed.