Urban VPN Proxy, a widely installed Chrome extension with a 'Featured' badge and a 4.7 rating, has been discovered to surreptitiously intercept and collect AI chatbot conversations from users. Following a July 2025 update (version 5.5.0), the extension embedded tailored JavaScript executors for multiple AI platforms (OpenAI ChatGPT, Anthropic Claude, Google Gemini, Microsoft Copilot, xAI Grok, Meta AI, Perplexity) that override browser APIs such as fetch() and XMLHttpRequest(). This override enables the extension to capture every prompt entered by users and the corresponding chatbot responses, along with metadata like conversation IDs, timestamps, session data, and AI model details. The collected data is exfiltrated to two remote servers controlled by Urban Cyber Security Inc., the Delaware-based developer. Although the updated privacy policy claims data collection is for enhancing Safe Browsing and marketing analytics, and that data is anonymized, evidence shows raw data is shared with an affiliated ad intelligence firm, BIScience, which commercially exploits it. BIScience also allegedly collects clickstream data via SDKs in other extensions, exploiting policy loopholes in Chrome Web Store's Limited Use exceptions. The extension's 'AI protection' feature, which ostensibly warns users about sharing personal data, does not prevent data collection and may mislead users about privacy. Additional extensions from the same publisher exhibit identical data harvesting, with a combined install base exceeding eight million. The extensions' 'Featured' badges, signaling compliance with platform standards, lend false trust to users. This incident underscores the risks of malicious or deceptive extensions abusing marketplace trust to harvest sensitive AI interaction data at scale, potentially exposing personal and confidential information shared with AI chatbots.

European organizations face significant privacy and security risks from this threat due to the sensitive nature of AI chatbot interactions, which often include confidential business information, personal data, and intellectual property. The silent interception and exfiltration of AI conversations can lead to data leakage, loss of confidentiality, and potential regulatory violations under GDPR and other data protection laws. The commercial sharing of raw, potentially identifiable data with third parties exacerbates compliance risks and may result in reputational damage and legal penalties. The widespread installation of the extension, including on Microsoft Edge, increases the attack surface within enterprises and among remote workers. Furthermore, the deceptive use of 'Featured' badges undermines trust in extension marketplaces, complicating organizational efforts to secure endpoints. The threat also raises concerns about insider data exposure and targeted espionage if adversaries leverage harvested AI interaction data. Given the increasing reliance on AI chatbots for sensitive tasks, this vulnerability could disrupt secure workflows and erode user confidence in AI tools.

European organizations should immediately audit and restrict the installation of Urban VPN Proxy and related extensions (1ClickVPN Proxy, Urban Browser Guard, Urban Ad Blocker) across all corporate devices and browsers, including Chrome and Edge. Deploy endpoint management solutions to enforce extension whitelisting and block unauthorized or suspicious extensions. Educate users about the risks of installing extensions with broad permissions, especially those claiming VPN or AI protection features. Monitor network traffic for unusual data exfiltration patterns to domains such as analytics.urban-vpn.com and stats.urban-vpn.com. Collaborate with IT and security teams to implement browser security policies that disable auto-updates for extensions or require administrative approval before updates are applied. Encourage the use of enterprise-approved VPN solutions with transparent privacy policies. Conduct regular privacy impact assessments on AI chatbot usage within the organization and limit sensitive data shared with AI platforms. Engage with browser vendors to report malicious extensions and advocate for stricter vetting processes for 'Featured' badges. Finally, integrate AI interaction data protection into broader data loss prevention (DLP) strategies to detect and prevent unauthorized data capture.