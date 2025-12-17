A widely used Google Chrome extension has been caught quietly collecting conversations from major AI chat platforms. The extension, Urban VPN Proxy, has more than six million users and even carries Google’s “Featured” badge, making the discovery more concerning for Chrome users who installed it for privacy and security. Also Read: ChatGPT Is Getting Its Own App Store As OpenAI Invites Developers

Security researchers at Koi were the first to flag the issue. According to the team, the extension was designed to target chats across 10 AI platforms, including ChatGPT, Gemini, Microsoft Copilot, Claude, Perplexity, DeepSeek, Grok (xAI), Meta AI and others. For each platform, the extension reportedly used a separate script that allowed it to read what users were typing and what responses they were receiving. Also Read: ChatGPT Images Vs Gemini Nano Banana Pro: We Put It To Test And The Results Are Surprising

Researchers say the data collection started with version 5.5.0, which was pushed out earlier this year in July. Once updated, the extension began injecting code into chatbot interfaces like ChatGPT and Gemini. This allowed it to quietly gather prompts, replies, timestamps and other session information, and send it back to Urban VPN’s servers. The behaviour stopped only if the user removed the extension from their browser. Also Read: Gemini 3 Flash Is Here: Google’s Fastest AI Model Yet?

It doesn’t end there. The same developer behind Urban VPN Proxy had seven more Chrome extensions with similar code. These included Urban Ad Blocker, Urban Browser Guard, and 1ClickVPNProxy, all of which were available to download on the Chrome Web Store.

Since Chrome extensions update automatically, most users had no idea their AI chats were being collected in the background. Reports also point out that Urban VPN Proxy is owned by Urban Cyber Security Inc., a company linked to data broker BiScience. The harvested data was allegedly being passed on to marketing and analytics firms.

Google has not yet commented on the findings or confirmed whether the flagged extensions have been taken down.