Malicious Chrome Extension Steal ChatGPT and DeepSeek Conversations from 900K Users

Brownie2019

Two rogue Chrome extensions have compromised over 900,000 users by secretly exfiltrating ChatGPT and DeepSeek conversations, along with full browsing histories, to attacker servers.
Discovered by OX Security researchers, the malware impersonates the legitimate AITOPIA AI sidebar tool, with one fake even earning Google’s “Featured” badge.
The OX Research team identified the threat during routine analysis, revealing extensions that clone AITOPIA’s interface for chatting with LLMs like GPT and Claude.
Full Story:
Based on the primary write-up from OX Security (published December 30, 2025), this looks like a classic “useful-looking extension with spyware bolted on” campaign: two Chrome Web Store extensions impersonated the legitimate AITOPIA sidebar concept and were reported to exfiltrate ChatGPT and DeepSeek conversation content plus tab URLs (“browsing history” in practice) to attacker-controlled infrastructure on a repeating schedule. ([ox.security](https://www.ox.security/blog/malicious-chrome-extensions-steal-chatgpt-deepseek-conversations/?utm_source=openai))

The CyberSecurityNews article (dated January 7, 2026) largely repeats the OX details and includes the same extension names/IDs and the same high-level data-theft claims. ([cybersecuritynews.com](https://cybersecuritynews.com/malicious-chrome-extension-steal-data/))

What to take away (practically)
  • A “Featured” badge (or good ratings) is not proof an extension is safe; it’s only a signal that can fail. OX’s report explicitly calls out that one of these had “Featured” status at the time of discovery. ([ox.security](https://www.ox.security/blog/malicious-chrome-extensions-steal-chatgpt-deepseek-conversations/?utm_source=openai))
  • If someone installed either extension, they should assume anything typed into ChatGPT/DeepSeek in that browser profile (and a lot of browsing metadata) may have been exposed, and respond accordingly. ([ox.security](https://www.ox.security/blog/malicious-chrome-extensions-steal-chatgpt-deepseek-conversations/?utm_source=openai))

Indicators mentioned in the research
OX Security lists these two extensions as the malicious ones (IDs matter more than the display name):
  • Chat GPT for Chrome with GPT-5, Claude Sonnet & DeepSeek AI — ID: fnmihdojmnkclgjpcoonokmkhjpjechg ([ox.security](https://www.ox.security/blog/malicious-chrome-extensions-steal-chatgpt-deepseek-conversations/?utm_source=openai))
  • AI Sidebar with Deepseek, ChatGPT, Claude and more — ID: inhcgfpbfdjbjogdfjbclgolkmhnooop ([ox.security](https://www.ox.security/blog/malicious-chrome-extensions-steal-chatgpt-deepseek-conversations/?utm_source=openai))

Safe, standard remediation steps (for anyone who might be affected)
  • Remove the extension(s) immediately from Chrome (and check all Chrome profiles on the machine).
  • Run Chrome’s Safety Check and review extension warnings. Chrome can flag extensions that are no longer in the Web Store / taken down / marked as malware (this doesn’t always happen instantly, but it’s worth checking). ([developer.chrome.com](https://developer.chrome.com/blog/extension-safety-hub?utm_source=openai))
  • Assume session exposure: sign out of ChatGPT/DeepSeek (and any other sensitive sites used in that browser profile), then change passwords where appropriate and enable 2FA if it’s not already enabled.
  • If you used any API keys or long-lived tokens in the browser (developer portals, cloud consoles, etc.), rotate/revoke them.
  • Clear browser data as a hygiene step (cookies/site data) after removing the extension, then re-login cleanly.
  • Do a full system scan with a reputable AV/security suite. (This threat is “browser extension first,” but scanning is a low-risk sanity check.)

Enterprise / managed environments
If this happened inside an org, the most effective control is to move to an allowlist approach for extensions (Chrome Enterprise policies / curated store experience) and to centrally remove/block known-bad extension IDs when incidents like this pop up. ([theverge.com](https://www.theverge.com/2025/1/23/24350178/google-chrome-extensions-admin-enterprise-controls?utm_source=openai))

Conclusion: the story is credible in the sense that it traces back to a named, technical report (OX Security) with concrete IOCs, but the only “sure” way to know if someone was impacted is to verify whether those extension IDs were installed in their Chrome profile(s) and respond as if chats/browsing metadata were exposed if they were. ([ox.security](https://www.ox.security/blog/malicious-chrome-extensions-steal-chatgpt-deepseek-conversations/?utm_source=openai))
Indicators of Compromise (IOCs)

Malicious Extension IDs (Chrome Web Store)
  • fnmihdojmnkclgjpcoonokmkhjpjechg (Name: "Chat GPT for Chrome with GPT-5, Claude Sonnet & DeepSeek AI")
  • inhcgfpbfdjbjogdfjbclgolkmhnooop (Name: "AI Sidebar with Deepseek, ChatGPT, Claude and more")

File Hashes (SHA-256):
  • 98d1f151872c27d0abae3887f7d6cb6e4ce29e99ad827cb077e1232bc4a69c00 (Version 1.9.6)
  • 20ba72e91d7685926c8c1c5b4646616fa9d769e32c1bc4e9f15dddaf3429cea7 (Version 1.6.1)

Network Indicators (C2 Domains):
  • deepaichats[.]com (Receives stolen chat data)
  • chatsaigpt[.]com (Secondary C2)
  • chataigpt[.]pro (Infrastructure hosting)
  • chatgptsidebar[.]pro (Redirect/Infrastructure)

Recommendation / Remediation

Immediate Action Required

Verify and Remove
  • Navigate to chrome://extensions in your browser address bar.
  • Check for the IDs fnmihdojmnkclgjpcoonokmkhjpjechg or inhcgfpbfdjbjogdfjbclgolkmhnooop.
  • If present, click Remove immediately.

Session Termination
Log out of all active sessions for ChatGPT, DeepSeek, and any corporate web portals accessed while the extension was active.

Credential Rotation
Because full browsing history was exfiltrated, assume session tokens or sensitive URLs (e.g., password reset links, internal tools) may have been exposed. Rotate passwords for critical accounts accessed during the infection period.

Enterprise Hunt
Security teams should block the listed C2 domains at the firewall/DNS level and query endpoint logs for the presence of the specified extension IDs.
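For the enterprise hunt described above, an added example (not code from OX Security or from this post) that checks Chrome profile directories for the two extension IDs and scans DNS/proxy log lines for the listed C2 domains. The Chrome user-data paths are assumed stock per-user installs, and the log lines and profile tree in demo() are constructed sample data.

```python
"""Hunt for the two malicious extension IDs and C2 domains named in the post. Added example, not
code from OX Security or the post; assumes stock Chrome layout <profile>/Extensions/<id>/<version>/."""
import os, re, tempfile
from pathlib import Path

# IDs and domains are those named in the post (domains un-defanged so they match log text).
BAD_EXTENSION_IDS = {
    "fnmihdojmnkclgjpcoonokmkhjpjechg": "Chat GPT for Chrome with GPT-5, Claude Sonnet & DeepSeek AI",
    "inhcgfpbfdjbjogdfjbclgolkmhnooop": "AI Sidebar with Deepseek, ChatGPT, Claude and more",
}
C2_DOMAINS = {"deepaichats.com", "chatsaigpt.com", "chataigpt.pro", "chatgptsidebar.pro"}
DOMAIN_RE = re.compile(r"\b((?:[a-z0-9-]+\.)+[a-z]{2,})\b", re.I)

def chrome_user_data_dirs():
    """Default Chrome user-data roots for the current user (assumption: stock install paths)."""
    home = Path.home()
    return [Path(os.environ.get("LOCALAPPDATA", home)) / "Google" / "Chrome" / "User Data",  # Windows
            home / "Library" / "Application Support" / "Google" / "Chrome",                  # macOS
            home / ".config" / "google-chrome"]                                              # Linux

def scan_chrome(user_data_dir):
    """Map profile name -> [(extension_id, [installed versions], display name)] for bad IDs."""
    findings, root = {}, Path(user_data_dir)
    for ext_root in (root.glob("*/Extensions") if root.is_dir() else []):  # Default, Profile 1, ...
        hits = [(eid, sorted(v.name for v in (ext_root / eid).iterdir()), name)
                for eid, name in BAD_EXTENSION_IDS.items() if (ext_root / eid).is_dir()]
        if hits:
            findings[ext_root.parent.name] = hits
    return findings

def c2_hits(log_lines):
    """Return (line_no, domain) for DNS/proxy log lines naming a C2 domain or a subdomain of one."""
    hits = []
    for n, line in enumerate(log_lines, 1):
        for dom in sorted({d.lower() for d in DOMAIN_RE.findall(line)}):
            if dom in C2_DOMAINS or any(dom.endswith("." + c2) for c2 in C2_DOMAINS):
                hits.append((n, dom))
    return hits

def demo():
    """Run both checks on a constructed profile tree and constructed log lines (sample data)."""
    tmp = Path(tempfile.mkdtemp())
    (tmp / "Default" / "Extensions" / "fnmihdojmnkclgjpcoonokmkhjpjechg" / "1.9.6_0").mkdir(parents=True)
    log = ["2026-01-07T10:01:02Z dns host1 deepaichats.com A",  # constructed sample lines
           "2026-01-07T10:01:05Z proxy GET https://www.google.com/ 200",
           "2026-01-07T10:02:11Z dns host2 api.chatsaigpt.com A"]
    return scan_chrome(tmp), c2_hits(log)

if __name__ == "__main__":
    print({str(r): scan_chrome(r) for r in chrome_user_data_dirs()}, demo(), sep="\n")
```

On a managed fleet, point scan_chrome at each user's Chrome user-data directory (or run it through your EDR's script execution) and feed exported resolver or proxy logs to c2_hits; an extension directory left on disk after removal still counts as a prior install worth investigating.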

References
  • Primary Source: Cyber Security News, "Malicious Chrome Extension Steal ChatGPT and DeepSeek Conversations from 900K Users" (https://cybersecuritynews.com/malicious-chrome-extension-steal-data/)
  • Original Research: OX Security (https://www.ox.security/blog/malicious-chrome-extensions-steal-chatgpt-deepseek-conversations/?utm_source=openai)