300,000+ Chrome users installed these malicious extensions posing as AI assistants — delete them right now

News
By published

Extensions promised quick access to AI but were actually stealing emails, passwords and more

Chrome browser on laptop
(Image credit: Shutterstock)

Although people are now much more careful with the apps they install on their smartphones, the same can’t be said for the extensions in their web browser. Case in point: Over 300,000 Chrome users installed 30 malicious extensions thinking they were a quick and easy way to get access to their favorite AI assistants — but instead, opened them up to having their data stolen.

As reported by BleepingComputer, these malicious extensions pose as AI assistants in order to gain a foothold in a user’s browser. From there, they are able to siphon off all kinds of sensitive data in the background including passwords, email content and browsing info.

Here’s everything you need to know about this new campaign including the malicious extensions themselves and the steps you need to take right now if you accidentally installed one of them in your browser.

Delete these extensions right now

This new set of malicious extensions was discovered by researchers at the browser security company LayerX which dubbed them AiFrame (more on that in a bit).

After analyzing all of the bad extensions in question, the firm found that they are all part of the same campaign and use a single domain to communicate with the cybercriminals behind it.

Here are the malicious extensions posing as popular AI assistants and tools with the most installs:

  • Gemini AI Sidebar - 80,000 installs
  • AI Assistant - 50,000 installs
  • AI Sidebar - 50,000 installs
  • ChatGPT Translate - 30,000 installs
  • AI GPT - 20,000 installs
  • AI Sidebar - 9,000 installs
  • Google Gemini - 7,000 installs
  • ChatGBT - 1,000 installs
  • DeepSeek Chat - 1,000 installs
  • ChatGPT Translation - 1,000 installs
  • ChatGPT for Gmail - 1,000 installs

It’s worth noting that the names of some of these extensions may be different but you can find the full list at the bottom of LayerX’s report and their unique identifiers (which look like this “gghdfkafnhfpaooiolhncejnlgglhkhe”) there.

According to BleepingComputer, the most popular malicious extension Gemini AI Sidebar has already been removed from the Chrome Web Store while some of the others haven’t been taken down yet but likely will soon.

If you installed any of these extensions in Chrome — or any other Chromium-based browser for that matter — you need to delete them immediately. To do so, click on the three-dot menu in the upper right corner of your browser, then Extensions and Manage Extensions. Here you’ll see a full list of all of your installed extensions with a search bar at the top to make it easier to find and remove any of these malicious ones.

AI as a trojan horse

A rendering of a digital Trojan horse.

(Image credit: posteriori/Shutterstock)

Just like a malicious app on your phone, rogue extensions give cybercriminals a 'backdoor' to your browser and the sensitive data inside it. Think of these tools as a Trojan Horse: they lure you in with the promise of easy access to popular AI assistants, but while the 'gift' of the AI tool works perfectly on the surface, malicious code (the 'soldiers') is secretly operating in the background to scrape your emails, passwords, and private chatbot conversations.

During its investigation, LayerX found that all 30 of these extensions have the same internal structure, JavaScript logic, permissions and backend infrastructure, which suggests they were created by the same person or group. While they do all technically ‘work’, they do so by using a full-screen iframe to load content from a remote domain instead of locally. This makes them extra risky because their creator could change how they function at any time just by sending out an update.

Of these AiFrame extensions, 15 of them specifically target victims’ Gmail data through a dedicated content script that extracts the text from email threads and according to LayerX, even draft emails can be captured.

If that wasn’t bad enough, these malicious extensions also have a remotely triggered voice recognition and transcript generation mechanism. When enabled, it can be used to record real life conversations right from a victim’s computer, putting not just their data but what they say to themselves or others around them at risk too.

How to stay safe from malicious extensions

A computer showing the Chrome Web Store

(Image credit: Tom's Guide)

Despite Google’s best efforts, malicious extensions still manage to slip through the cracks and end up on the Chrome Web Store. For this reason, you always need to be extra careful when downloading any new browser extension.

Although it’s best to stick to well-known extensions from trusted brands, there are times when a smaller extension from a lone developer does exactly what you need to solve a problem. I’ve been in this situation myself and during those times, I do several things first before installing it. Besides checking an extension’s rating and reviews, I also recommend doing a bit of digging into the developer to gauge whether or not they’re legit.

Since even good extensions can go bad, you want to make sure that your Windows PC is protected with the best antivirus software and that you’re using the best Mac antivirus software on your Apple computer. That way, if an extension is spreading malware or other viruses, they’ll be detected and stopped before they can do any damage.

If you use a lot of extensions and are constantly installing new ones and other AI tools, it might also be a good idea to consider investing in one of the best identity theft protection services. Not only can they help you get your identity back if it’s stolen but they can also help you recover any funds lost to scams or cyberattacks.

AI assistants and tools can really help speed up your workflow while allowing you to do things you couldn’t without them. However, just like with any other new technology, you want to be careful while being especially wary of any extension that promises a quick fix or access to something you normally wouldn’t be able to use. When in doubt, it’s best to chat with your favorite AI assistant in a browser window instead of using an extension because that way, the rest of your browsing data won’t be at risk.

Google News

Follow Tom's Guide on Google News and add us as a preferred source to get our up-to-date news, analysis, and reviews in your feeds.

More from Tom's Guide

Anthony Spadafora
Anthony Spadafora
Managing Editor Security and Home Office

Anthony Spadafora is the managing editor for security and home office furniture at Tom’s Guide where he covers everything from data breaches to password managers and the best way to cover your whole home or business with Wi-Fi. He also reviews standing desks, office chairs and other home office accessories with a penchant for building desk setups. Before joining the team, Anthony wrote for ITProPortal while living in Korea and later for TechRadar Pro after moving back to the US. Based in Houston, Texas, when he’s not writing Anthony can be found tinkering with PCs and game consoles, managing cables and upgrading his smart home. 

You must confirm your public display name before commenting

Please logout and then login again, you will then be prompted to enter your display name.