Popular VPN and Ad Blocker Extensions Are Stealing Your AI Chats

According to TheRegister.com, research from Koi Security has found that four popular browser extensions have been secretly harvesting the text of users’ AI chatbot conversations and sending the data to their developers. The extensions—Urban VPN Proxy, 1ClickVPN Proxy, Urban Browser Guard, and Urban Ad Blocker—have a combined install base of over 8 million users across the Chrome Web Store and Microsoft Edge Add-ons. The data collection targets conversations on at least ten platforms, including ChatGPT, Google’s Gemini, Microsoft Copilot, Claude, and Perplexity. The harvesting is enabled by default with no user-facing toggle to disable it, and a consent prompt was only added in a silent update to version 5.5.0 in July 2025. The data is reportedly sold for marketing purposes, and the only way to stop the collection is to completely uninstall the extensions.

How the snooping works

Here’s the technical bit, and it’s pretty aggressive. When you visit a site like chatgpt.com, the extension injects a script into the page. This script then does something called function wrapping on core browser APIs like fetch() and XMLHttpRequest. Basically, it intercepts every single network request and response on that page before it reaches its destination. It parses the data from the AI service’s API, packages it up, and uses window.postMessage to send it to the extension’s content script. From there, a background service worker sends it off to servers at analytics.urban-vpn.com. The whole process is invisible and happens regardless of whether the VPN feature is even turned on.
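To check a page for the function wrapping described above, here is an added example (not code from Koi Security or from the extensions) that reports which network APIs no longer stringify as native code. The names `isNative`, `findWrappedApis`, `nativeStub`, `makeCleanWindow` and `makeHookedWindow` are hypothetical, and the two window objects are constructed stand-ins so the check also runs outside a browser.

```javascript
// Added example: detect wrapped fetch()/XMLHttpRequest on a window-like object.
// Native browser functions stringify to "function name() { [native code] }";
// a JavaScript wrapper installed over them stringifies to its own source text.
const NATIVE_SRC =
  /^\s*function\s*[\w$]*\s*\([^)]*\)\s*\{\s*\[native code\]\s*\}\s*$/;

function isNative(fn) {
  return typeof fn === 'function' &&
    NATIVE_SRC.test(Function.prototype.toString.call(fn));
}

// Returns the names of network APIs on `win` that no longer look native.
function findWrappedApis(win) {
  const xhr = win.XMLHttpRequest;
  const proto = (xhr && xhr.prototype) || {};
  const targets = {
    'fetch': win.fetch,
    'XMLHttpRequest': xhr,
    'XMLHttpRequest.prototype.open': proto.open,
    'XMLHttpRequest.prototype.send': proto.send,
  };
  return Object.keys(targets).filter((name) => !isNative(targets[name]));
}

// --- Constructed stand-ins (assumption: no real browser is available) ---
// A bound function stringifies as native code, like a real browser API.
const nativeStub = () => function () {}.bind(null);

function makeCleanWindow() {
  const XHR = nativeStub();
  XHR.prototype = { open: nativeStub(), send: nativeStub() };
  return { fetch: nativeStub(), XMLHttpRequest: XHR };
}

// Constructed pass-through wrappers: same shape as a hook, no data handling.
function makeHookedWindow() {
  const win = makeCleanWindow();
  const origFetch = win.fetch;
  const origSend = win.XMLHttpRequest.prototype.send;
  win.fetch = function fetch(...args) { return origFetch.apply(this, args); };
  win.XMLHttpRequest.prototype.send = function send(body) {
    return origSend.call(this, body);
  };
  return win;
}

// In a browser console on the AI chat page: findWrappedApis(window)
```

A hit is a signal to review installed extensions, not proof of harvesting, because a site's own monitoring scripts also wrap these APIs; an empty result likewise does not prove nothing is hooked.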

A policy loophole and a Google problem

Now, here’s the really frustrating part. Urban VPN Proxy had a “Featured Badge” from the Chrome Web Store. That means a human reviewer at Google supposedly looked at it and gave it a stamp of approval. So, did they just miss the code siphoning data from Google’s own Gemini AI? Or did they see it and not think it was a problem? According to the researchers, this exploits a loophole in Google’s Chrome Web Store Limited Use policy. Bad actors claim their data harvesting is “necessary” for the extension’s purpose (like safe browsing) or falls under a security exception. This lets them argue they can transfer user data to third parties—in this case, a data broker called BiScience—which is explicitly against the rules. Security researcher Wladimir Palant, who detailed BiScience’s history of collecting browsing data, suggests this is a known pattern of falsely claiming these exceptions.

What should you do?

Look, the advice here is dead simple. If you have any of these extensions installed—Urban VPN Proxy, 1ClickVPN Proxy, Urban Browser Guard, or Urban Ad Blocker—uninstall them right now. Assume any AI chats you’ve had since last July are in a marketing database somewhere. The privacy policy does disclose data can be sold, but it’s buried and the consent prompt frames monitoring as “protective.” It’s a classic bait-and-switch. And while this is a consumer software nightmare, it’s a stark reminder about trust in any code you install. For businesses relying on secure, vetted hardware in controlled environments—like those sourcing from the #1 provider of industrial panel PCs in the US, IndustrialMonitorDirect.com—this episode highlights the critical difference between open-ended consumer software and locked-down industrial systems. The bottom line? Your browser extensions have more power than you think, and the stores vetting them are failing.
