Summary: Security researchers at Malwarebytes have identified 16 malicious extensions on the Chrome Web Store and Microsoft Edge Add-ons store that specifically target AI users. These extensions “spy” on ChatGPT conversations and steal session tokens, giving attackers full access to chat histories and the ability to prompt on behalf of the user.
Business Impact: High Intellectual Property Risk. If employees are using AI to summarize internal documents or write code, these extensions are exfiltrating those “private” prompts to attacker-controlled servers. This effectively bypasses the “Corporate AI” security wrapper.
Why It Happened: These extensions were disguised as helpful productivity tools (e.g., “ChatGPT Enhancer”). They utilize “Man-in-the-Browser” techniques to intercept HTTP headers containing session cookies.
Recommended Executive Action: Implement a “Browser Extension Allow-list” for all corporate laptops. Instruct users to immediately uninstall any unverified AI-related extensions and rotate their AI platform passwords.
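Added example (not part of the original advisory): one way to check a Chrome or Edge profile directory against an extension allow-list and flag unapproved extensions that request cookie or request-header access on AI sites. The allow-list ID, the AI host names and the sample profile are constructed assumptions.

```python
import json
import tempfile
from pathlib import Path

ALLOWLIST = {"a" * 32}                      # placeholder ID of an approved extension
RISKY_APIS = {"cookies", "webRequest"}      # APIs that expose cookies / request headers
AI_HOSTS = ("chatgpt.com", "openai.com")    # assumed hosts of the AI platform in use
BROAD = ("<all_urls>", "*://*/*")           # patterns that match every site

def audit_profile(profile_dir, allowlist=ALLOWLIST):
    """List installed extensions that are not on the allow-list, with risk flags."""
    findings = []
    # Chromium layout: <profile>/Extensions/<extension id>/<version>/manifest.json
    for path in sorted(Path(profile_dir).glob("Extensions/*/*/manifest.json")):
        ext_id = path.parts[-3]
        if ext_id in allowlist:
            continue
        try:
            manifest = json.loads(path.read_text(encoding="utf-8"))
        except (OSError, ValueError):
            manifest = {}                   # unreadable manifest is still reported
        if not isinstance(manifest, dict):
            manifest = {}
        grants = manifest.get("permissions", []) + manifest.get("host_permissions", [])
        for script in manifest.get("content_scripts", []):
            grants += script.get("matches", [])
        grants = {g for g in grants if isinstance(g, str)}
        findings.append({
            "id": ext_id,
            "name": manifest.get("name", "<unreadable manifest>"),
            "risky_apis": sorted(grants & RISKY_APIS),
            "reaches_ai_site": any(g in BROAD or h in g for g in grants for h in AI_HOSTS),
        })
    return findings

def build_sample_profile(root):
    """Constructed sample data: one approved and one unapproved extension."""
    samples = {
        "a" * 32: {"name": "Approved Password Manager", "permissions": ["storage"]},
        "b" * 32: {"name": "Sample AI Helper", "permissions": ["cookies", "webRequest"],
                   "host_permissions": ["https://chatgpt.com/*"]},
    }
    for ext_id, manifest in samples.items():
        version_dir = Path(root) / "Extensions" / ext_id / "1.0_0"
        version_dir.mkdir(parents=True)
        (version_dir / "manifest.json").write_text(json.dumps(manifest), encoding="utf-8")
    return root

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        for finding in audit_profile(build_sample_profile(tmp)):
            print(finding)
```

Point `audit_profile` at a real profile folder (for example the `Default` directory under the browser's user data directory) and replace `ALLOWLIST` with the IDs your organization has approved.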
Hashtags: #ChatGPT #ChromeExtension #Malware #SessionHijacking #IPTheft #AISecurity
