As AI tools like ChatGPT, Claude, Gemini, and Grok gain mainstream adoption, cybercriminals are weaponizing their popularity to distribute malicious browser extensions.
Security researchers have uncovered a coordinated campaign involving 30 Chrome extensions that masquerade as legitimate AI assistants while secretly deploying dangerous surveillance capabilities affecting over 260,000 users.
The malicious extensions pose as AI-powered tools for summarization, chat assistance, writing help, and Gmail integration. Despite appearing legitimate in the Chrome Web Store, where several were even featured as recommended tools, these extensions share identical underlying code, permissions, and backend infrastructure controlled through the tapnetic.pro domain. Rather than implementing functionality locally, they embed remote server-controlled interfaces using privileged proxies that grant external servers access to sensitive browser capabilities.
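A defender-side check for the traits described above, as an added example that is not from the researchers or the original article: it audits an unpacked extension directory for references to the tapnetic.pro backend, an interface loaded from a remote origin, and broad host access. Treating the remote interface as an `<iframe>` with an http(s) source, the broad-host list, the finding labels and both sample extensions are assumptions constructed for illustration.

```python
import json
import re
import tempfile
from pathlib import Path

IOC_DOMAIN = "tapnetic.pro"  # backend domain named in the article
BROAD_HOSTS = {"<all_urls>", "*://*/*", "http://*/*", "https://*/*"}
# Assumption: the remote interface is loaded as an iframe with an http(s) src.
REMOTE_IFRAME = re.compile(r"<iframe[^>]*\bsrc\s*=\s*[\"']https?://", re.I)

def audit_extension(ext_dir):
    """Return sorted findings for one unpacked extension directory."""
    ext_dir = Path(ext_dir)
    manifest = json.loads((ext_dir / "manifest.json").read_text(encoding="utf-8"))
    hosts = set(manifest.get("host_permissions", [])) | set(manifest.get("permissions", []))
    for script in manifest.get("content_scripts", []):
        hosts |= set(script.get("matches", []))
    findings = {"broad-host-access"} if hosts & BROAD_HOSTS else set()
    for path in ext_dir.rglob("*"):
        if not path.is_file() or path.suffix.lower() not in {".js", ".html", ".json"}:
            continue
        rel = path.relative_to(ext_dir).as_posix()
        text = path.read_text(encoding="utf-8", errors="replace")
        if IOC_DOMAIN in text.lower():
            findings.add(f"ioc-domain:{rel}")
        if REMOTE_IFRAME.search(text):
            findings.add(f"remote-iframe:{rel}")
    return sorted(findings)

def write_sample(root, name, manifest, panel_html):
    """Write a constructed sample extension (not real campaign code)."""
    ext = Path(root) / name
    ext.mkdir(parents=True)
    (ext / "manifest.json").write_text(json.dumps(manifest), encoding="utf-8")
    (ext / "panel.html").write_text(panel_html, encoding="utf-8")
    return ext

def demo():
    """Audit one constructed suspicious and one constructed benign extension."""
    with tempfile.TemporaryDirectory() as root:
        bad = write_sample(root, "bad", {"manifest_version": 3, "host_permissions": ["<all_urls>"]},
                           '<iframe src="https://tapnetic.pro/constructed-path"></iframe>')
        good = write_sample(root, "good", {"manifest_version": 3, "permissions": ["storage"]},
                            "<p>local UI</p>")
        return audit_extension(bad), audit_extension(good)

if __name__ == "__main__":
    for result in demo():
        print(result)
```

Broad host access and a remote iframe each occur in legitimate extensions, so those two findings are triage signals; a reference to the campaign domain is the strong indicator.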