More than 260,000 individuals have unknowingly installed harmful Google Chrome extensions posing as artificial intelligence (AI) tools that have been covertly collecting login details, email content, and browsing activities, as per recent findings by LayerX, a cybersecurity company.
Named AiFrame by researchers, this scheme involves approximately 30 extensions that are presented as AI assistants or productivity aids. While some have been deleted, many are still accessible in the Chrome Web Store and continue to have tens of thousands of downloads.
LayerX revealed that all these extensions have identical internal structures, JavaScript code, and backend systems, communicating with servers linked to a single domain. One of the most popular add-ons, “Gemini AI Sidebar,” reportedly had around 80,000 users before being removed. Various other extensions, like those labeled as AI sidebars, assistants, or translation tools, have also garnered tens of thousands of installations.
According to the researchers, the extensions did not execute AI functions locally on users’ devices but instead fetched remote content through a full-screen iframe, allowing operators to change functions without needing updated versions for review. This setup enabled the extensions to adjust behavior dynamically, potentially avoiding further scrutiny.
In the background, these add-ons extracted content from the web pages users visited, including authentication pages containing sensitive data, using Mozilla’s Readability library to parse page information.
LayerX highlighted that when users activated features like AI-generated responses or summaries, email content could be sent to third-party servers controlled by the extension operators. Consequently, email messages and associated information might have been transmitted outside of Google’s secure environment to external servers.
The researchers also discovered that certain extensions incorporated voice recognition and transcription capabilities using the Web Speech API. Depending on user permissions, these functionalities could capture and transmit audio data from the device’s surroundings.
LayerX has released a list of indicators of compromise and recommended that users carefully inspect their installed extensions. Those who suspect they may have been impacted are advised to remove suspicious add-ons and reset the passwords for their online accounts.
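A defender-side triage script for the pattern described above, added here as an illustration and not LayerX’s tooling: it scans an unpacked extension’s manifest and JavaScript for the indicators the article names (broad host access, a remotely sourced iframe, Readability, the Web Speech API) and rates the combination. The sample manifest and scripts are constructed, and the regexes are heuristics that will need tuning against real extensions.

```python
import re

# Heuristics from the article's description of AiFrame: remote UI in a full-screen iframe,
# page scraping with Mozilla's Readability, audio via the Web Speech API, broad host access.
IFRAME = re.compile(r"createElement\(\s*['\"]iframe['\"]|<iframe", re.I)
REMOTE_SRC = re.compile(r"src\s*=\s*['\"]https?://", re.I)
READABILITY = re.compile(r"\bReadability\b")
WEB_SPEECH = re.compile(r"\b(webkit)?SpeechRecognition\b")
BROAD_HOSTS = {"<all_urls>", "*://*/*", "http://*/*", "https://*/*"}

def host_scope(manifest):
    # Every match pattern that grants the extension access to page content.
    hosts = set(manifest.get("host_permissions", []))
    hosts |= {p for p in manifest.get("permissions", []) if "://" in p or p == "<all_urls>"}
    for cs in manifest.get("content_scripts", []):
        hosts |= set(cs.get("matches", []))
    return hosts

def triage(manifest, scripts):
    """Indicators found in one unpacked extension (manifest dict, {filename: JS source})."""
    hits = []
    if host_scope(manifest) & BROAD_HOSTS:
        hits.append("broad_host_access")
    src = "\n".join(scripts.values())
    if IFRAME.search(src) and REMOTE_SRC.search(src):
        hits.append("remote_iframe")  # UI can be swapped server-side without store review
    if READABILITY.search(src):
        hits.append("readability")
    if WEB_SPEECH.search(src):
        hits.append("web_speech")
    return hits

def risk_level(hits):
    # Remote-loaded UI plus page or audio capture on every site is the AiFrame combination.
    if {"broad_host_access", "remote_iframe"} <= set(hits) and (
            "readability" in hits or "web_speech" in hits):
        return "high"
    return "review" if len(hits) >= 2 else "low"

# Constructed sample in the shape the article describes; not a real extension.
SAMPLE_MANIFEST = {
    "manifest_version": 3, "name": "Constructed AI Sidebar",
    "permissions": ["tabs", "storage"], "host_permissions": ["<all_urls>"],
    "content_scripts": [{"matches": ["<all_urls>"], "js": ["content.js"]}],
}
SAMPLE_SCRIPTS = {
    "sidebar.js": "const f = document.createElement('iframe');\n"
                  "f.src = 'https://panel.example.invalid/';\n"
                  "f.style.cssText = 'position:fixed;inset:0';\ndocument.body.appendChild(f);",
    "content.js": "const article = new Readability(document.cloneNode(true)).parse();\n"
                  "const rec = new webkitSpeechRecognition();",
}
```

Point `triage` at the parsed `manifest.json` and the JavaScript files of each entry under the browser profile’s extensions directory to rate what is installed; anything rated "high" deserves the removal and password reset the article recommends.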
