Fake AI Chrome Extensions Infect 300,000 Users, Steal Credentials
Summary
Fake AI Chrome extensions like AiFrame, posing as ChatGPT or Gemini, have over 300,000 installs. They steal data via remote iframes. Check and remove suspicious extensions.

Fake AI extensions have infected 300,000 Chrome users
Security researchers have uncovered a campaign, dubbed AiFrame, where attackers published roughly 30 fake Chrome extensions impersonating popular AI assistants. These malicious add-ons, which mimic tools like ChatGPT, Gemini, Claude, and Grok, have collectively amassed more than 300,000 installs.
The extensions promise legitimate AI functionality for summarizing, writing, or email assistance. Once installed, however, they grant attackers remote control over the victim's browser.
How the malicious extensions work
All 30 extensions work the same way: instead of running their functionality locally, they render a full-screen iframe that loads content from a remote server controlled by the attackers. This lets the threat actors silently push updates and new malicious code at any time, without publishing an updated extension through the Chrome Web Store.
The extensions request and obtain broad permissions, enabling a range of invasive capabilities. Researchers at security firm LayerX, which identified the campaign, observed functions including voice recognition, pixel tracking, and the ability to read email content.
This structure makes the extensions broadly capable of harvesting sensitive data and monitoring all user behavior within the browser.
Identifying and removing the fakes
Because the extensions use familiar or generic names like "Gemini AI Sidebar" or "ChatGPT Translate," they can be difficult to spot. LayerX has published a complete list of the malicious extension names and their unique IDs.
To check if you have one installed, follow these steps:
- Navigate to chrome://extensions in your browser.
- Toggle Developer mode on in the top-right corner.
- Find the extension's unique ID listed below its name and cross-reference it with the LayerX list.
If you find a malicious extension, you should immediately remove it and reset any passwords that may have been exposed during its use.
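When more than one machine needs checking, the same cross-reference can be scripted. The sketch below is an added example, not LayerX's tooling or code from the original article: it reads a Chrome profile's Extensions folder, matches the IDs against a blocklist, and also flags unlisted extensions that declare all-site host access, since the add-ons can be republished under new names. The IDs and names in `demo()` are constructed placeholders, and the blocklist file format (whitespace-separated IDs) is an assumption.

```python
import json
import re
import sys
import tempfile
from pathlib import Path

ID_RE = re.compile(r"^[a-p]{32}$")  # Chrome extension IDs: 32 letters from a-p
BROAD_HOSTS = {"<all_urls>", "*://*/*", "http://*/*", "https://*/*"}  # every site

def installed_extensions(profile_dir):
    """Yield (id, name, broad_hosts) from <profile>/Extensions/<id>/<version>/manifest.json."""
    for manifest in sorted(Path(profile_dir).glob("Extensions/*/*/manifest.json")):
        ext_id = manifest.parent.parent.name
        if not ID_RE.match(ext_id):
            continue  # skip anything that is not an extension ID directory
        try:
            data = json.loads(manifest.read_text(encoding="utf-8-sig"))
            # Manifest V3 lists hosts in host_permissions; V2 mixes them into permissions.
            declared = data.get("host_permissions", []) + data.get("permissions", [])
            name = str(data.get("name", "?"))
        except (OSError, ValueError, TypeError, AttributeError):
            name, declared = "?", []  # unreadable manifest: still report the ID
        yield ext_id, name, {p for p in declared if isinstance(p, str) and p in BROAD_HOSTS}

def audit(profile_dir, blocklist):
    """Return (listed, review): blocklisted IDs, and unlisted IDs with all-site access."""
    listed, review = {}, {}
    for ext_id, name, hosts in installed_extensions(profile_dir):
        if ext_id in blocklist:
            listed[ext_id] = name
        elif hosts:
            review[ext_id] = name
    return listed, review

def demo():
    """Audit a constructed profile; the IDs and names are placeholders, not LayerX's."""
    sample = {"a" * 32: {"name": "Sample AI Sidebar", "host_permissions": ["<all_urls>"]},
              "b" * 32: {"name": "Sample Notes", "permissions": ["storage"]},
              "c" * 32: {"name": "Sample Helper", "permissions": ["tabs", "*://*/*"]}}
    with tempfile.TemporaryDirectory() as tmp:
        for ext_id, manifest in sample.items():
            ext_dir = Path(tmp, "Extensions", ext_id, "1.0_0")
            ext_dir.mkdir(parents=True)
            (ext_dir / "manifest.json").write_text(json.dumps(manifest), encoding="utf-8")
        return audit(tmp, {"a" * 32})  # constructed blocklist

if __name__ == "__main__":
    # Arguments: <profile dir> <file of blocklisted IDs>; with none, run the demo.
    args = sys.argv[1:]
    print(audit(args[0], set(Path(args[1]).read_text().split())) if len(args) == 2 else demo())
```

Host access granted only through `content_scripts` match patterns is not inspected here, so an empty review list does not by itself clear a profile.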
The ongoing threat from malicious extensions
This campaign is part of a persistent trend where browser extensions are used as a primary vector for stealing user data. It follows other widespread schemes like the GhostPoster campaign that targeted Chrome, Firefox, and Edge.
While Google has removed some of the AiFrame extensions, others remain available on the Chrome Web Store. Alarmingly, several even carried the store's "Featured" badge, which lent them an air of legitimacy.
The attackers' infrastructure allows them to quickly republish malicious add-ons under new names, ensuring the campaign can easily persist. This incident serves as a critical reminder to vet extensions carefully, looking beyond just a familiar brand name, as even AI tools from seemingly trusted sources can pose significant privacy risks.

