
Urban VPN Browser Extension Caught Harvesting AI Chat Conversations from Millions of Users

A recent investigation has revealed that the Urban VPN Proxy browser extension and other extensions from the same publisher have been injecting hidden scripts into AI chat services, including ChatGPT, Claude, and Gemini. These scripts intercept user requests and responses, collecting data such as conversation content, timestamps, and session metadata. The collected data is sent to Urban VPN's servers, even when the VPN is disabled. This functionality was introduced via an automatic update in July 2025 and affects over 8 million installations. There is no option for users to disable this data collection, and the extension displays a data sharing alert while continuing to exfiltrate data in the background.

From a technical perspective, this incident highlights several critical issues. First, browser extensions with broad permissions can pose significant privacy risks. Extensions that require access to web page content can inject JavaScript code to monitor and exfiltrate data without the user's knowledge or consent. Second, the use of automatic updates to introduce such functionality underscores the importance of vigilant update management. Users and organizations must be aware of what changes are being made to their software, even if those changes come from seemingly trusted sources.

The impact on the cybersecurity landscape is substantial. This incident demonstrates how tools that appear legitimate can be used for data harvesting. For cybersecurity professionals, this emphasizes the need for robust processes to vet browser extensions, continuously monitor software behavior, and educate users about the risks associated with browser extensions.

Expert insights suggest several actionable steps. Organizations should implement strict policies for browser extension usage, including regular audits of installed extensions and their permissions. Users should be encouraged to review extension permissions regularly and remove any that are unnecessary or suspicious. Additionally, transparency in software updates is crucial. Developers should clearly communicate any changes in data collection practices, and users should be given the option to opt out of such changes.

In conclusion, the Urban VPN incident serves as a critical reminder of the potential for abuse in browser extensions. Cybersecurity professionals must remain vigilant in monitoring and managing these tools to protect sensitive data and maintain user trust. This incident also highlights the broader issue of data privacy in the age of AI and the importance of ensuring that user data is protected from unauthorized access and exfiltration.
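One way to carry out the permission audit recommended above, as an added example that is not from the investigation or from any extension's code: it reads Chrome-style `manifest.json` files and reports which extensions hold host permissions or content-script match patterns that reach AI chat pages. The hostnames in `AI_CHAT_HOSTS`, the function names, and the sample manifest are assumptions made for this example.

```python
import json
from pathlib import Path

# Hostnames assumed for the services the article names (not given on the page).
AI_CHAT_HOSTS = ["chatgpt.com", "claude.ai", "gemini.google.com"]

def pattern_covers_host(pattern, host):
    """True if a Chrome match pattern can apply to pages on `host`."""
    if pattern == "<all_urls>":
        return True
    scheme, sep, rest = pattern.partition("://")
    if not sep or scheme not in ("*", "http", "https"):
        return False
    pat_host = rest.split("/", 1)[0]
    if pat_host == "*":
        return True
    if pat_host.startswith("*."):  # "*.example.com" also matches "example.com"
        base = pat_host[2:]
        return host == base or host.endswith("." + base)
    return host == pat_host

def audit_manifest(manifest):
    """Map each manifest key to the AI chat hosts its patterns reach."""
    sources = {
        "host_permissions": manifest.get("host_permissions", []),
        # Manifest V2 lists host patterns inside "permissions".
        "permissions": manifest.get("permissions", []),
    }
    for i, script in enumerate(manifest.get("content_scripts", [])):
        sources[f"content_scripts[{i}]"] = script.get("matches", [])
    findings = {}
    for source, patterns in sources.items():
        hosts = sorted(h for h in AI_CHAT_HOSTS
                       if any(pattern_covers_host(p, h) for p in patterns))
        if hosts:
            findings[source] = hosts
    return findings

def audit_extensions_dir(ext_dir):
    """Audit <id>/<version>/manifest.json files under an Extensions directory."""
    report = {}
    for path in Path(ext_dir).glob("*/*/manifest.json"):
        findings = audit_manifest(json.loads(path.read_text(encoding="utf-8-sig")))
        if findings:
            report[path.parent.parent.name] = findings
    return report

# Constructed sample manifest, not taken from any real extension.
SAMPLE_BROAD = {"manifest_version": 3, "permissions": ["storage", "scripting"],
                "host_permissions": ["<all_urls>"],
                "content_scripts": [{"matches": ["https://claude.ai/*"], "js": ["cs.js"]}]}
```

A finding shows what an extension is able to read, not what it does with it. Because the behaviour described here arrived in an automatic update, the report is most useful when it is re-run after each update and compared with the previous result.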