Personal conversations conducted on popular artificial-intelligence platforms including OpenAI's ChatGPT, Google's Gemini and Anthropic's Claude are being quietly collected and sold through browser extensions used by millions of people, according to new findings by cybersecurity researchers.
The warning centers on Urban VPN Proxy, a Chrome browser add-on installed by roughly six million users and previously awarded a "featured" label in Google's Web Store. Researchers at Koi, a Tel Aviv-based security firm, said the extension contains hidden code designed to monitor and harvest user interactions with leading AI chatbots.
Idan Dardikman, a researcher at Koi, said the extension includes embedded "executor" scripts that actively capture conversations across multiple AI services, including ChatGPT, Claude, Gemini, DeepSeek and xAI's Grok. The data collected spans "medical questions, financial details, proprietary code, personal dilemmas, all of it, sold for 'marketing analytics purposes,'" Dardikman said.
The scripts operate regardless of whether the VPN function is switched on or off, according to the researchers. Once the extension is installed, data collection begins automatically and continues in the background. As Forbes reported, "there is no user-facing toggle to disable this. The only way to stop the data collection is to uninstall the extension entirely."
Koi's analysis found that Urban VPN Proxy transmits browsing records and AI chat content to its parent company, Urban Cyber Security Inc., which then shares the information with an Israeli data brokerage firm, BiScience. According to Dardikman, BiScience processes the raw data into commercial insights that are sold onward to business partners.
Despite these disclosures in its privacy terms, the Urban VPN Proxy listing on the Chrome Web Store states that user data is not shared with third parties except in limited circumstances and that information is not used or transferred for purposes unrelated to the extension's core functionality. Researchers said those claims are inconsistent with the technical behavior observed in the software.
The exposure extends beyond a single add-on. Forbes reported that more than two million additional users are potentially affected across seven other browser extensions published by the same developer, most of which carry the same AI data-collection mechanisms. All but one of those apps also received "featured" status from Google's Chrome Web Store, according to the report.
Dardikman urged immediate action from users who may be affected. "If you have any of these extensions installed, uninstall them now," he said, adding that people should "assume any AI conversations you've had since July 2025 have been captured and shared with third parties."
