This VPN is harvesting your AI conversations – and 6 million people are using it

New research has discovered Urban VPN's browser extension collects, shares, and sells your highly sensitive personal data.

An investigation by Koi discovered the browser extension "Urban VPN Proxy" has been intercepting and capturing conversations from 10 AI platforms. Sensitive data is shared to Urban VPN's servers, and then sold to third-parties.

Urban VPN does not feature in our guide to the best VPNs, and we warned against people downloading it back in 2024. Despite the dangers, Urban VPN Proxy has six million users and an average rating of 4.7 stars, from 58,000 reviews, on the Google Play Store.

It describes itself as "the best secured Free VPN" but you should avoid it at all costs. If you're after a free VPN, we would strongly recommend the VPNs featured in our best free VPN guide – PrivadoVPN Free, Proton VPN Free, and Windscribe Free.

Silent and invasive data harvesting

Koi's investigation found that 10 major AI platforms were targeted by Urban VPN Proxy, including:

• ChatGPT
• Claude
• Gemini
• Microsoft Copilot
• Perplexity
• DeepSeek
• Grok (xAI)
• Meta AI

For each AI tool, Urban VPN Proxy operates a dedicated "executor" script, enabling it to capture conversations.

Worryingly, there is no way to disable this other than to uninstall the extension. The data collection also takes place whether you are connected to the VPN or not.

Your browser tabs are monitored at all times, and the script is injected as soon as you visit any of the AI platforms. Aggressive techniques are used to override any native browser functions. Data is then extracted, tagged, and sent to Urban VPN Proxy's servers.

Highly sensitive personal data is collected, including:

• Every AI prompt you enter
• Every AI response received
• Conversation IDs
• Timestamps
• Session metadata
• AI platform and model information

According to Koi, this malicious script was added in via an update in July 2025, with no such feature present before then. With Google Chrome and Microsoft Edge extensions updating automatically with no notification of new permissions, it's likely many users would have been unaware of this silent infiltration.

What does Urban VPN Proxy's privacy policy say?

To give Urban VPN Proxy some credit, it does disclose its data collection practices.

Its privacy policy states it "may collect your web browsing data" if you are a user of its "Windows or Android App and Extensions free versions."

It says data is processed and shared with its affiliate company "based on consent." For AI inputs and outputs, it says it will collect AI prompts and outputs, and prompts are disclosed "for marketing analytics purposes."

B.I Science (2009) Ltd. – which offers marketing and data insights – is listed as Urban VPN Proxy's affiliate company. Urban VPN Proxy's privacy policy states that BiScience uses its raw data to create insights "which are commercially used and shared with Business Partners."

Urban VPN Proxy's Google Play listing says it handles location, web history, and website content data. It also declares that data is:

• "Not being sold to third parties, outside of the approved use cases"
• "Not being used or transferred for purposes that are unrelated to the item's core functionality"
• "Not being used or transferred to determine creditworthiness or for lending purposes"

This appears to contradict what is stated in the privacy policy, and should be a red flag for anyone looking to download the extension.

Koi's research found the malicious script was also present in 1ClickVPN Proxy, Urban Browser Guard, and Urban Ad Blocker extensions for both Google Chrome and Microsoft Edge.

"Free" often comes with a cost

The old adage "if you're not paying for the product, you are the product" still holds true. We do recommend some free VPNs, but there are countless others out there that do more harm than good. VPNs take money to run, so if you're not funding it with your money directly, there's a high likelihood that you data is being used to generate revenue.

Sam Soares, Chief Revenue Officer at CultureAI, echoes this sentiment: “The Urban VPN story is a classic example of what happens when people put blind trust in ‘free’ tools. If you don’t know how a tool makes money, assume it’s monetising your data."

If you need a VPN, we highly recommend choosing a paid option. If that's not possible, pick from our choice of the best free VPNs – they're fully tested, proven to be safe to use, and don't collect or sell your data.

What action should you take?

If you have any of the extensions listed above downloaded on your device, delete them immediately. The invasive nature of their design means the only way to effectively protect yourself is to remove the apps entirely.

If you are concerned your data may have collected, you can sign up to a data removal service such as Incogni. These services contact data brokers on your behalf and submit deletion requests. They aren't 100% effective but do cover a lot of ground.

Incogni comes bundled with the 27-month Surfshark One+ plan, costing $4.19 per month ($113.13 up front pre-tax).

This also acts as a stark reminder to be mindful of what information you are feeding AI tools. The data practices of AI companies leaves a lot to be desired at the best of times, but combining this with malicious browser extensions could have devastating consequences for your personal information and privacy.

Thoroughly investigate the browser extensions you're downloading and, where possible, read the privacy policy.

When it comes to VPNs, there are countless dangerous apps out there. Only subscribe to genuine VPN providers, with verified no-logs policies and a high standard of privacy and security. Tom's Guide has reviewed hundreds of VPNs and we will only recommend a provider if it is genuinely secure and will protect your online privacy.