260k users exposed as fake Chrome extensions steal data
More than 260,000 users have installed malicious Google Chrome extensions masquerading as artificial intelligence (AI) tools that secretly harvested login credentials, email content and browsing data, according to recent research by LayerX, a security firm.
The campaign, which researchers have named AiFrame, consists of at least 30 extensions presented as AI assistants or productivity tools. While some have since been removed, several remain available in the Chrome Web Store and continue to show tens of thousands of installations.
LayerX said all of the extensions share the same internal structure, JavaScript code and backend infrastructure, communicating with servers under a single domain. One of the most widely downloaded add-ons, called “Gemini AI Sidebar”, reportedly reached around 80,000 users before it was taken down. Other extensions, including those branded as AI sidebars, assistants or translation tools, have each attracted tens of thousands of installations.
According to the researchers, the extensions did not run AI functions locally on users’ devices. Instead, they loaded remote content through a full-screen iframe, allowing operators to alter functionality without submitting updated versions for review. This structure enabled the extensions to modify behaviour dynamically and potentially evade additional scrutiny.
In the background, the add-ons extracted webpage content from sites visited by users, including authentication pages containing sensitive information. The extensions used Mozilla’s Readability library to capture page data.
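As an added, defender-side illustration (not LayerX's tooling or code from the page), the script below triages an unpacked Chrome extension for the combination the report describes: broad host permissions, a bundled HTML page whose UI is an iframe pointed at a remote origin, and the presence of the Readability library. The sample manifest, file names and the ai-sidebar.example domain are constructed for the example and are not indicators from the report.

```python
import json
import re
from pathlib import Path

# Host-permission patterns that grant access to every site a user visits.
BROAD_HOSTS = {"<all_urls>", "*://*/*", "http://*/*", "https://*/*"}
# Matches an <iframe> whose src points at a remote origin rather than a bundled file.
REMOTE_IFRAME = re.compile(r'<iframe\b[^>]*\bsrc=["\'](https?://[^"\']+)', re.I)
# Libraries the report names as used for page-content capture.
CONTENT_LIBS = ("Readability",)

def remote_iframe_sources(html: str) -> list[str]:
    """Return remote iframe src URLs found in one HTML file."""
    return REMOTE_IFRAME.findall(html)

def triage_extension(manifest: dict, files: dict[str, str]) -> dict:
    """Score one extension from its manifest and its bundled .html/.js file contents."""
    perms = set(manifest.get("permissions", [])) | set(manifest.get("host_permissions", []))
    html = [body for name, body in files.items() if name.endswith(".html")]
    js = [body for name, body in files.items() if name.endswith(".js")]
    iframes = sorted({url for body in html for url in remote_iframe_sources(body)})
    libs = [lib for lib in CONTENT_LIBS if any(lib in body for body in js)]
    findings = {
        "broad_host_access": bool(perms & BROAD_HOSTS),
        "remote_iframes": iframes,
        "content_capture_libs": libs,
    }
    # Broad access plus a remotely loaded UI is the review-evading layout the report describes.
    findings["review"] = findings["broad_host_access"] and bool(iframes)
    return findings

def triage_unpacked(ext_dir: Path) -> dict:
    """Read an unpacked extension directory, e.g. a copy of <profile>/Extensions/<id>/<version>."""
    manifest = json.loads((ext_dir / "manifest.json").read_text(encoding="utf-8"))
    files = {str(p.relative_to(ext_dir)): p.read_text(encoding="utf-8", errors="ignore")
             for p in ext_dir.rglob("*") if p.suffix in (".html", ".js")}
    return triage_extension(manifest, files)

# Constructed sample mimicking the described layout (hypothetical, not a real extension).
SAMPLE_MANIFEST = {"name": "AI Sidebar (constructed sample)", "manifest_version": 3,
                   "permissions": ["storage", "tabs"], "host_permissions": ["<all_urls>"]}
SAMPLE_FILES = {
    "sidebar.html": '<body style="margin:0"><iframe src="https://ai-sidebar.example/app" '
                    'style="width:100%;height:100vh;border:0"></iframe></body>',
    "content.js": "// constructed: import Readability from './Readability.js'; ...",
}

if __name__ == "__main__":
    print(json.dumps(triage_extension(SAMPLE_MANIFEST, SAMPLE_FILES), indent=2))
```

Run `triage_unpacked(Path("/path/to/extension"))` on a copied extension directory; a `review` value of `True` is a prompt for manual inspection, not proof of malice, since legitimate extensions can also embed remote pages.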
LayerX said that when users activated features such as AI-generated replies or summaries, the captured email content could be transmitted to third-party servers controlled by the extension operators. As a result, email messages and related contextual information may have been sent outside Google’s security environment to external infrastructure.
The researchers also found that some extensions included voice recognition and transcription functions using the Web Speech API. Depending on the permissions granted by users, these features could potentially capture and transmit audio data from a device’s surroundings.
LayerX has published a list of indicators of compromise and advised users to review installed extensions carefully. Those who believe they may have been affected are urged to remove suspicious add-ons and reset passwords for online accounts.