Malicious AI Assistant Extensions Harvest LLM Chat Histories

Microsoft Defender identified a large-scale campaign of malicious Chromium browser extensions masquerading as AI assistant tools that collect full URLs, AI chat content (e.g., ChatGPT and DeepSeek), and browsing telemetry. The extensions were distributed through the Chrome Web Store (affecting Chrome and Edge), reached ~900,000 installs and impacted >20,000 enterprise tenants, staged data locally (Base64 JSON) and periodically exfiltrated it via HTTPS POST to domains such as deepaichats.com and chatsaigpt.com, with telemetry re-enabled after updates; Microsoft recommends monitoring network POSTs to known endpoints, auditing and restricting extensions, enabling Defender protections, applying AI data security controls, and educating users.