Chrome, Edge Extensions Caught Stealing ChatGPT Sessions

The rapid rise of AI‑enhanced browser extensions has created a lucrative target for cybercriminals. As professionals seek to streamline workflows with ChatGPT‑powered add‑ons, attackers exploit the trust users place in official stores. By publishing sixteen malicious extensions across Chrome and Edge, the threat actor leveraged the platforms’ low‑friction distribution model to reach hundreds of users, capitalising on the growing appetite for AI‑driven productivity tools.

Technically, the extensions bypass conventional sandboxing by injecting scripts directly into the main JavaScript execution context of chatgpt.com. This approach grants the malicious code unfettered access to outbound requests, allowing it to siphon authentication headers and session tokens. The stolen credentials are then relayed to a remote server, where they can be used to impersonate victims, retrieve full chat histories, and harvest telemetry data. Because the attack operates within normal web‑page behavior, traditional endpoint detection systems often miss the activity, underscoring the need for deeper browser‑level monitoring.

For enterprises, the incident signals a pressing need to reassess extension governance policies. Organizations should enforce strict vetting of third‑party add‑ons, employ zero‑trust principles for web sessions, and deploy tools capable of inspecting main‑world script activity. Additionally, developers of AI platforms must consider tighter token management and anomaly detection to mitigate unauthorized access. As AI integration deepens across business processes, proactive security measures will be essential to safeguard both user privacy and corporate data integrity.