VPN Betrayal: Popular “Free” Extensions Caught Siphoning 8 Million Users’ Private AI Chats

Cybersecurity firm KOI recently published a blog post revealing that the Urban VPN Proxy browser extension—whose cumulative installations have reached 8 million—has been exploiting script-based hijacking of browser APIs to siphon off users’ sensitive information. The primary target of this data exfiltration is users’ conversations with AI platforms.

In exchanges with services such as ChatGPT, users may disclose highly sensitive details, including their names, addresses, political views, gender identity, religious beliefs, and other personal attributes. While such information is ordinarily protected, this extension systematically harvests both user-submitted prompts and the corresponding AI-generated responses in their entirety.

On the surface, Urban VPN claims to safeguard users by inspecting AI-generated content—for example, warning that links in responses might lead to phishing sites. In reality, however, the extension collects complete chat transcripts and shares them with commercial data analytics and marketing firms.

Armed with this data, advertising networks can infer users’ genuine interests and behavioral preferences, then deliver highly targeted advertisements designed to maximize click-through and conversion rates. In the process, user privacy is effectively obliterated. Analysis indicates that the extension gathers the following categories of information:

• All content sent by users to AI platforms
• All responses generated by AI platforms
• Conversation identifiers and timestamps
• Complete session metadata
• The specific AI platform and model in use

Crucially, the scripts responsible for this data collection operate independently of the VPN tunnel, ad-blocking features, or other core functionalities. This means that even disabling the VPN, AI protection, or related options does nothing to prevent surveillance; the only reliable remedy is to uninstall the extension entirely.

The affected AI platforms include ChatGPT, Claude, Gemini, DeepSeek, Grok, Copilot, Meta AI, and Perplexity—essentially encompassing nearly all major AI services in use today.

The implicated extensions are listed as follows:

• Chrome Web Store: Urban VPN Proxy
• Chrome Web Store: 1ClickVPN Proxy
• Chrome Web Store: Urban Browser Guard
• Edge Add-ons: Urban VPN Proxy
• Edge Add-ons: 1ClickVPN Proxy
• Edge Add-ons: Urban Browser Guard

Some of these extensions have already been removed from Google’s store. Users who previously installed them may notice that the extensions have been automatically disabled or uninstalled—an action carried out via Chrome’s cloud-based control mechanisms to purge malicious software from affected systems.

Related Posts:

• Microsoft’s Oops: Update Uninstalls Copilot AI
• Arch Linux Alert: Malicious Firefox, LibreWolf, & Zen Web AUR Packages Spread CHAOS RAT
• Trojan Malware Infiltrates Browser Extensions, Impacts 300,000 Users
• OpenAI Rolls Out Group Chat Globally: Collaborate with up to 20 People in ChatGPT