"The four seemingly helpful extensions are Urban VPN Proxy, 1ClickVPN Proxy, Urban Browser Guard, and Urban Ad Blocker. They're distributed via the Chrome Web Store and Microsoft Edge Add-ons, but include code designed to capture and transmit browser-based interactions with popular AI tools. "Urban VPN Proxy targets conversations across ten AI platforms," said Idan Dardikman, co-founder and CTO of Koi, in a blog post published Monday."
"According to Dardikman, the Urban VPN Proxy extension monitors the user's browser tabs and, when the user visits one of the targeted platforms (e.g., chatgpt.com), it injects the "executor" script into the page. "Once injected, the script overrides fetch() and XMLHttpRequest - the fundamental browser APIs that handle all network requests," he explained. "This is an aggressive technique. The script wraps the original functions so that every network request and response on that page passes through the extension's code first.""
Four browser extensions — Urban VPN Proxy, 1ClickVPN Proxy, Urban Browser Guard, and Urban Ad Blocker — collected chatbot conversation text from more than eight million users and transmitted it back to developers. The extensions were available through the Chrome Web Store and Microsoft Edge Add-ons and included code to capture interactions with multiple AI platforms such as ChatGPT, Claude, Gemini, Microsoft Copilot, Perplexity, DeepSeek, Grok, and Meta AI. Urban VPN Proxy monitors browser tabs and injects an "executor" script that overrides fetch() and XMLHttpRequest, causing all network requests and responses on targeted pages to pass through extension code. Data harvesting is enabled by default via a hardcoded flag with no user-facing disable option, requiring uninstallation to stop collection. The executor parses intercepted API responses and packages them for transmission via window.postMessage.
Read at Theregister
Unable to calculate read time
Collection
[
|
...
]