Malicious Browser Extensions Hijack Users’ AI Chats in New “Prompt Poaching” Attack

Brownie2019

Mar 9, 2019
A new wave of malicious browser extensions is quietly harvesting sensitive user interactions with AI tools, in a growing threat now dubbed “prompt poaching.”
The rise of AI assistants in everyday browsing has created a usability gap. Most users interact with AI tools in isolated tabs, manually copying and pasting content for analysis or summarization.
To address this limitation, developers introduced AI-powered browser extensions that can access content across multiple tabs, enabling seamless workflows and real-time assistance.
However, this added convenience comes at a cost. By integrating deeply with browser activity, these extensions gain visibility into sensitive user data, including emails, financial information, and confidential documents.
Security researchers warn that these extensions are actively monitoring AI conversations and exfiltrating the data to attacker-controlled servers without user awareness.
Full Story:
 
In this case, the attack isn't aiming to steal passwords directly, but rather to intercept AI assistant chats through malicious browser extensions. The real risk for home users is that once these extensions are integrated into the browser, they can also access emails, documents, or financial data.

The best practical advice is to always review extension permissions and limit their use to those from trusted sources. If an extension asks for excessive access or isn't strictly necessary, the safest move is to uninstall it. ⚠️ 🛡️ 🔍
 
The problem is extensions that ask for intrusive permissions, like "Access your data for all websites" on Firefox. Many extensions request this and users may grant it without thinking. It’s easy to blame AI extensions, but I don’t think that’s it.

Reputation may not help much either. In this case, the first extension listed has over 400K users and a 4.6 rating, and Google has not yet taken it down, possibly because it’s not obvious that something’s wrong.

The extension filtering/screening process is broken. It’s best to pare down extensions to as few (or none) as possible.
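One practical way to do the permission review the replies above recommend, as an added example that is not from this thread or from any named extension: a small Python auditor that reads an extension's manifest.json and flags wildcard host patterns (the Chrome-side equivalent of Firefox's "Access your data for all websites") when they are combined with APIs that can read page content. The two manifests are constructed samples, not real extensions.

```python
import json

# Host patterns that grant access to every site the user visits.
BROAD_HOSTS = {"<all_urls>", "*://*/*", "http://*/*", "https://*/*"}

# API permissions that, together with broad host access, let an extension
# read what a user types into any page and forward it elsewhere.
SENSITIVE_APIS = {"tabs", "webRequest", "webRequestBlocking", "scripting",
                  "clipboardRead", "cookies", "history"}


def is_broad_host(pattern: str) -> bool:
    """True if a match pattern covers all websites (wildcard host)."""
    if pattern in BROAD_HOSTS:
        return True
    scheme, sep, rest = pattern.partition("://")
    host = rest.split("/", 1)[0]
    return bool(sep) and scheme in ("*", "http", "https") and host == "*"


def audit_manifest(manifest: dict) -> dict:
    """Summarise what a manifest (MV2 or MV3) can reach.

    MV2 lists host patterns under "permissions"; MV3 moves them to
    "host_permissions". Content scripts declare their own "matches".
    """
    requested = []
    for key in ("permissions", "host_permissions", "optional_host_permissions"):
        requested.extend(manifest.get(key, []))
    for script in manifest.get("content_scripts", []):
        requested.extend(script.get("matches", []))
    broad = sorted({p for p in requested if is_broad_host(p)})
    apis = sorted(SENSITIVE_APIS & set(manifest.get("permissions", [])))
    return {"name": manifest.get("name", "?"), "broad_hosts": broad,
            "sensitive_apis": apis, "flag": bool(broad) and bool(apis)}


# Constructed sample manifests (hypothetical, not real extensions).
AI_HELPER = json.loads('''{"name": "Sample AI Helper", "manifest_version": 3,
  "permissions": ["tabs", "scripting", "storage"],
  "host_permissions": ["<all_urls>"],
  "content_scripts": [{"matches": ["*://*/*"], "js": ["inject.js"]}]}''')
NARROW = json.loads('''{"name": "Sample Site Tool", "manifest_version": 3,
  "permissions": ["storage"],
  "host_permissions": ["https://example.com/*"]}''')

if __name__ == "__main__":
    for m in (AI_HELPER, NARROW):
        print(audit_manifest(m))
```

Point it at the manifest.json inside an unpacked extension directory to check what you already have installed.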