A recent cybersecurity threat has emerged, involving malicious Chrome extensions masquerading as popular AI tools such as ChatGPT, Claude, Gemini, and Grok. These deceptive extensions, installed by over 260,000 users, employ remote-controlled iframes to conduct surveillance.
Widespread Impact Through Deceptive Extensions
Security experts have identified at least 30 Chrome extensions advertised as AI assistants for activities like summarization, chatting, translation, image creation, and email productivity. Despite differing in appearance and branding, these extensions share a common codebase and infrastructure, confirming a coordinated campaign.
Some of these malicious extensions were even labeled as ‘Featured’ on the Chrome Web Store, enhancing their legitimacy and download rates. This tactic has significantly contributed to the widespread distribution and installation of these harmful tools.
Technical Insights and Strategy
Attackers use a method known as ‘extension spraying,’ where a removed extension is swiftly replaced by a clone with a new name and ID. Instead of running AI functionality natively, these extensions load a full-screen iframe from attacker-controlled domains like tapnetic[.]pro. Because the interface is served remotely, operators can change what the extension does without publishing an update through the Chrome Web Store, so a store review of the packaged code sees only the iframe loader.
Once installed, these extensions can extract readable content from active browser tabs, capture voice input via the Web Speech API, and track installation metrics through hidden telemetry. A specific set of 15 extensions focuses on Gmail, injecting scripts to monitor and collect visible email content.
Protective Measures and Recommendations
All identified extensions communicate with domains under tapnetic[.]pro and onlineapp[.]pro, with themed subdomains linking back to a central backend system. When a high-install extension was removed in February 2025, an identical version reappeared quickly, illustrating the attackers’ persistence and adaptability.
To safeguard against these threats, cybersecurity experts recommend auditing AI-branded Chrome extensions within networks, monitoring for unusual iframe injections, and keeping an eye on outbound traffic to suspicious domains. Prioritizing runtime monitoring over static reviews can also enhance defensive measures.
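One way to turn the traits described in the technical section (AI-branded names, a remote full-screen iframe, content scripts injected into Gmail, broad host access) and the audit recommendation above into a concrete check, as an added example that is not from the original article or from any researcher's tooling. The manifest, popup HTML and the chatgpt.tapnetic.pro subdomain are constructed samples; only the tapnetic[.]pro and onlineapp[.]pro apex domains come from the article.

```python
"""Audit a Chrome extension's manifest.json and page HTML for the traits
of the AI-themed extension campaign. Added example; sample data constructed."""
import json
import re

AI_BRANDS = ("chatgpt", "claude", "gemini", "grok")
KNOWN_BAD_DOMAINS = ("tapnetic.pro", "onlineapp.pro")  # apex domains named in the article
GMAIL_PATTERN = re.compile(r"mail\.google\.com")
BROAD_HOSTS = ("<all_urls>", "*://*/*", "http://*/*", "https://*/*")
# Captures the scheme+host of any <iframe src="https://host/..."> in page HTML.
IFRAME_SRC = re.compile(r'<iframe[^>]+src=["\'](https?://[^"\'/]+)', re.I)


def audit_manifest(manifest, html_sources=()):
    """Return human-readable findings for one extension; [] means nothing flagged."""
    findings = []
    name = manifest.get("name", "").lower()
    if any(brand in name for brand in AI_BRANDS):
        findings.append(f"AI-branded name: {manifest.get('name')!r}")
    # Content scripts matched against Gmail: the trait of the 15 mail-focused extensions.
    for script in manifest.get("content_scripts", []):
        for match in script.get("matches", []):
            if GMAIL_PATTERN.search(match):
                findings.append(f"content script injected into Gmail: {match}")
    # Broad host access lets a content script read any open tab.
    for host in manifest.get("host_permissions", []) + manifest.get("permissions", []):
        if host in BROAD_HOSTS:
            findings.append(f"broad host permission: {host}")
    # Remote iframe: the extension UI is served from an origin the operator controls.
    for html in html_sources:
        for origin in IFRAME_SRC.findall(html):
            host = origin.split("//", 1)[1].lower()
            known = any(host == d or host.endswith("." + d) for d in KNOWN_BAD_DOMAINS)
            tag = "known campaign domain" if known else "remote"
            findings.append(f"{tag} iframe loaded from {host}")
    return findings


# Constructed sample resembling the campaign's traits (not a real extension).
SAMPLE_MANIFEST = json.loads("""{
  "name": "ChatGPT Assistant for Gmail",
  "manifest_version": 3,
  "host_permissions": ["<all_urls>"],
  "content_scripts": [{"matches": ["https://mail.google.com/*"], "js": ["gmail.js"]}]
}""")
SAMPLE_POPUP = ('<html><body><iframe src="https://chatgpt.tapnetic.pro/app" '
                'style="width:100%;height:100%"></iframe></body></html>')

if __name__ == "__main__":
    for finding in audit_manifest(SAMPLE_MANIFEST, [SAMPLE_POPUP]):
        print("FLAG:", finding)
```

To run it against a real profile, point it at each extension directory under the Chrome profile's Extensions folder, load its manifest.json, and pass the HTML files it ships as html_sources.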
Organizations should approach AI-themed browser extensions cautiously, implementing strict management policies to prevent potential breaches.
