Featured Chrome Browser Extension Secretly Reading Millions of AI Chats

byRohit.nex Published:
A popular Google Chrome extension carrying a trusted Featured badge and used by more than six million people has been quietly collecting everything users type into AI chatbots. This includes conversations with tools like ChatGPT, Claude, Microsoft Copilot, Google Gemini, Perplexity, Meta AI, xAI Grok, and others—often without users realizing it was happening.

Featured Chrome Browser Extension Secretly Reading Millions of AI Chats


The extension is called Urban VPN Proxy. It has an impressive 4.7-star rating on the Chrome Web Store and promises users safe, free VPN access to unblock websites and protect privacy. It’s developed by a Delaware-based company named Urban Cyber Security Inc., and it’s also widely installed on Microsoft Edge, where it has over 1.3 million users.

At first glance, Urban VPN looks like a helpful privacy tool. But behind the scenes, things tell a different story. On July 9, 2025, the extension was updated to version 5.5.0. With that update, AI data collection was quietly turned on by default—without clear warnings or consent. Many users woke up one day trusting the same extension, unaware it now had new code watching their AI chats.

The way it works is deeply technical but troubling. The extension injects special JavaScript files—like chatgpt.js, claude.js, and gemini.js—whenever a user visits an AI platform. These scripts quietly step in and intercept conversations in real time.

Once active, the code overrides basic browser tools used for internet communication, such as fetch() and XMLHttpRequest(). This allows the extension to grab every message before it reaches the AI service. Both what users type and what the AI replies are copied and sent to Urban VPN’s servers, including analytics.urban-vpn[.]com and stats.urban-vpn[.]com.

According to security researchers, the data collected includes:

  • What users type into AI chatbots
  • The AI’s responses
  • Conversation IDs and timestamps
  • Session and usage details
  • Which AI platform and model were used

“Browser extensions update automatically,” said Idan Dardikman of Koi Security. “People installed Urban VPN just to use a VPN. They had no idea that, overnight, their private AI conversations were being harvested.”

Urban VPN’s privacy policy, updated on June 25, 2025, does mention collecting AI prompts. It claims this is done to improve safe browsing and for marketing analysis. The company says the data is anonymized and de-identified—but it also admits that sensitive personal information may still be processed and cannot be fully filtered out.

In the policy, Urban VPN states it only cares about AI prompts and responses, not personal identity. Still, it openly acknowledges that complete removal of private details cannot be guaranteed, which raises serious concerns—especially when users are sharing emotions, struggles, health questions, or personal advice with AI.

Featured Chrome Browser Extension Secretly Reading Millions of AI Chats


Even more worrying, Urban VPN shares browsing data with a related company called BIScience, an ad intelligence and brand monitoring firm. This company reportedly uses raw, non-anonymized data to generate insights that are sold and shared with business partners.

BIScience actually owns Urban Cyber Security Inc., and it has been criticized before. Earlier this year, an anonymous researcher accused the company of secretly collecting users’ browsing histories under confusing and misleading privacy policies. The researcher also claimed BIScience provides SDKs to other extension developers to collect clickstream data and send it to servers under its control.

According to the researcher, BIScience exploits loopholes in Chrome’s extension rules by claiming data collection is “necessary” for core features—even when it’s clearly excessive.

Urban VPN’s extension page also advertises an “AI protection” feature. It claims to warn users if they’re about to share personal data or click unsafe links in AI responses. That sounds comforting—but there’s a painful twist.

Security experts say the data is collected whether or not this feature is turned on.

"The extension warns users about sharing sensitive information with AI companies,” Dardikman explained. “But at the same time, it sends that exact information to Urban VPN’s own servers, where it’s sold. It’s like being warned about a fire while someone is stealing your house behind you."

Koi Security also found the same AI chat harvesting behavior in three other extensions from the same publisher:

  • 1ClickVPN Proxy
  • Urban Browser Guard
  • Urban Ad Blocker

Together, these extensions push the total number of affected users to over eight million. Most of them also carry the “Featured” badge, which gives users a strong sense of safety and official approval.

“These badges really matter,” Dardikman said. “For many people, that single label is what convinces them to click ‘Install.’ It feels like a stamp of trust from Google or Microsoft.”

This situation highlights a bigger and more emotional issue: people are opening up to AI more than ever. They’re sharing fears, asking for advice, talking about relationships, health, money, and mental well-being. When trusted tools quietly collect those moments, it feels like a betrayal.

Trust in extension marketplaces is powerful—and when abused, it can expose deeply personal parts of people’s lives at massive scale.
Tags:

You might like

View all
Previous Post Next Post
Share to other apps
Copy Post Link