Find notable cyber news and cases, enriched with sources, timelines, and signals.

Fake AI assistant Chrome extension malware activity

Malware Activity
First reported
Last updated
Happening score
H score 16
1 unique sources, 1 articles

Summary

Hide ▲

A cluster of 30 malicious Chrome extensions posing as AI assistants is stealing email content and other sensitive data from Chrome users, creating a broad browser-side exfiltration risk with 260,000+ downloads. The extensions are distributed through the Chrome Web Store and present a plausible chat interface while relaying prompts through attacker-controlled infrastructure. Some of the listings remained available more than 24 hours after publication, extending exposure. The activity matters because users may paste API keys, tokens, and regulated data into tools that appear legitimate.

Related Happenings

Silent Swap browser-extension clipboard clipper

Malware Activity
H score36 First: 30.06.2026 18:40 Last: 30.06.2026 18:40 Sources 1

About this happening: The **Silent Swap** malware activity now **installs malicious Chromium extensions** that intercept copied wallet addresses and **reroute cryptocurrency transfers** to attacker-con...

Search for perplexity ai malicious Chrome extension

Malware Activity
H score29 First: 29.06.2026 21:40 Last: 29.06.2026 21:40 Sources 1

About this happening: A malicious **Chrome extension** named **Search for perplexity ai** impersonated **Perplexity AI** while **intercepting search traffic** and collecting **browsing information** th...

Dormant remote-controlled JavaScript injection path in Adblock for YouTube Chrome extension

Technical Analysis
H score23 First: 25.06.2026 17:12 Last: 25.06.2026 17:12 Sources 1

About this happening: A **Chrome extension** with **10 million+ installs** was found to carry a **dormant script-injection path**, raising the risk of **arbitrary JavaScript execution** across visited...

Commercial adware and traffic-attribution-fraud affiliate operation using Chrome extensions

Threat Actor Meta
H score20 First: 15.06.2026 14:07 Last: 15.06.2026 14:07 Sources 1

About this happening: Researchers found a **commercial adware** and **traffic-attribution-fraud affiliate operation** abusing **Chrome extensions** to fabricate traffic signals and monetize installs, i...

Chrome extension PUP distribution network with fake organic traffic

Malware Activity
H score18 First: 15.06.2026 14:07 Last: 15.06.2026 14:07 Sources 1

About this happening: A network of **152 Google Chrome extensions** is distributing a **potentially unwanted program (PUP) family** through new-tab live-wallpaper add-ons, creating a broad browser-base...

Timeline

  1. 16.02.2026 16:00 2 articles · 4mo ago

    LayerX identifies malicious AI-themed Chrome extensions

    Initial Disclosure

    LayerX identifies 30 Google Chrome extensions in the Chrome Web Store that masquerade as AI assistants such as Gemini AI Sidebar and ChatGPT Translate while stealing email content, browser content, and other sensitive data users feed them. The set includes tools branded as AI Sidebar, AI Assistant, and AI GPT, accumulated more than 260,000 downloads, and some listings had more than four-star averages and Featured tags.

    Show sources