Urban VPN Proxy default-on AI chat harvesting in version 5.5.0
Security Tool/Service
Summary
Hide ▲
Show ▼
Urban VPN Proxy reportedly began default-on AI chat harvesting in version 5.5.0, exposing prompts, responses, timestamps and session IDs from major chat platforms and turning a privacy-branded extension into a sensitive-data collection channel. The behavior affects conversations on ChatGPT, Claude and Gemini, and researchers say more than 8 million users across Chrome and Edge may be exposed. The collection cannot be disabled in settings and reportedly continues even when the VPN is off, leaving uninstall as the only stopgap.
Related Happenings
OpenAI ChatGPT Lockdown Mode rollout limits prompt-injection exfiltration paths
Security Tool/Service
H score10
First: 06.06.2026 16:36
Last: 06.06.2026 16:36
Sources 1
About this happening:
**OpenAI ChatGPT** is rolling out **Lockdown Mode** for eligible personal accounts, reducing the risk of **prompt-injection-driven data exfiltration**. The update adds stricter li...
OpenAI ChatGPT Lockdown Mode rollout limits prompt-injection exfiltration paths
Security Tool/ServiceAbout this happening: **OpenAI ChatGPT** is rolling out **Lockdown Mode** for eligible personal accounts, reducing the risk of **prompt-injection-driven data exfiltration**. The update adds stricter li...
ChatGPT single-prompt DNS side-channel exfiltration remote code execution flaw
Vulnerability
H score33
First: 31.03.2026 16:01
Last: 31.03.2026 16:01
Sources 1
About this happening:
A **ChatGPT** vulnerability let a **single malicious prompt** covertly exfiltrate prompts, messages, uploaded files, and other sensitive content through a **DNS side channel**. Th...
ChatGPT single-prompt DNS side-channel exfiltration remote code execution flaw
VulnerabilityAbout this happening: A **ChatGPT** vulnerability let a **single malicious prompt** covertly exfiltrate prompts, messages, uploaded files, and other sensitive content through a **DNS side channel**. Th...
AiFrame malicious Chrome extension campaign
Campaign
H score40
First: 12.02.2026 15:41
Last: 12.02.2026 15:41
Sources 1
About this happening:
The **AiFrame** campaign uses **fake AI assistants** in the **Chrome Web Store** to distribute **30 malicious Chrome extensions** that can **steal email content, browser content,...
AiFrame malicious Chrome extension campaign
CampaignAbout this happening: The **AiFrame** campaign uses **fake AI assistants** in the **Chrome Web Store** to distribute **30 malicious Chrome extensions** that can **steal email content, browser content,...
ChatGPT Mods token-stealing browser-extension campaign
Campaign
H score45
First: 30.01.2026 15:42
Last: 30.01.2026 15:42
Sources 1
About this happening:
The **ChatGPT Mods** campaign used **16 browser extensions** to inject a **content script** into **chatgpt[.]com**, stealing authentication tokens that could let operators imperso...
ChatGPT Mods token-stealing browser-extension campaign
CampaignAbout this happening: The **ChatGPT Mods** campaign used **16 browser extensions** to inject a **content script** into **chatgpt[.]com**, stealing authentication tokens that could let operators imperso...
Malicious Chrome Web Store extensions exfiltrating ChatGPT and DeepSeek conversations
Malware Activity
H score51
First: 06.01.2026 19:21
Last: 06.01.2026 19:21
Sources 1
About this happening:
**Malicious Chrome extensions** were used to **exfiltrate ChatGPT and DeepSeek conversations** from active browser sessions, alongside **Chrome tab URLs** and other browsing conte...
Malicious Chrome Web Store extensions exfiltrating ChatGPT and DeepSeek conversations
Malware ActivityAbout this happening: **Malicious Chrome extensions** were used to **exfiltrate ChatGPT and DeepSeek conversations** from active browser sessions, alongside **Chrome tab URLs** and other browsing conte...
Timeline
-
16.12.2025 18:45 1 articles · 6mo ago
Urban VPN Proxy version 5.5.0 adds AI chat harvesting
Technical Analysis UpdateUrban VPN Proxy version 5.5.0 introduced default-on functionality that injects code into supported AI websites, overrides browser network functions, and captures prompts, responses, timestamps and session identifiers from conversations on ChatGPT, Claude, Gemini and other targeted platforms before transmitting the data to company-controlled servers.
Show sources
- Urban VPN Proxy Accused of Harvesting AI Chat Conversations — www.infosecurity-magazine.com — 16.12.2025 18:45
-
16.12.2025 18:45 2 articles · 6mo ago
Koi publicly identifies Urban VPN Proxy AI chat harvesting
Initial DisclosureKoi identified Urban VPN Proxy as a central example of a Chrome extension with more than 6 million users and a Google “Featured” badge, said the extension harvested AI chat content from ChatGPT, Claude, Gemini and other platforms, and warned that more than 8 million users across Chrome and Edge may be affected; the report also noted that Urban VPN is operated by Urban Cyber Security Inc. and affiliated with BiScience.
Show sources
- Urban VPN Proxy Accused of Harvesting AI Chat Conversations — www.infosecurity-magazine.com — 16.12.2025 18:45
- Urban VPN Proxy Accused of Harvesting AI Chat Conversations — www.infosecurity-magazine.com — 16.12.2025 18:45