8 Million Users’ AI Conversations Sold by ‘Privacy’ Extensions
Urban VPN Proxy and sibling extensions silently harvested and monetized intimate AI chat data for months.
A privacy-focused VPN extension is harvesting millions of AI chats—and selling them to data brokers. Here’s what happened.
Source: Koi AI
Highlights
| Metric | Value | Notes |
|---|---|---|
| Affected Extensions | 8 extensions across Chrome and Edge | Urban VPN Proxy, 1ClickVPN Proxy, Urban Browser Guard, Urban Ad Blocker |
| Total Users | 6,000,000+ Chrome, 1,323,622+ Edge | Featured by Google and Microsoft |
| AI Platforms Targeted | 10 platforms | ChatGPT, Claude, Gemini, Microsoft Copilot, Perplexity, DeepSeek, Grok, Meta AI |
| Data Harvested | Prompts, responses, timestamps, conversation IDs | Exfiltrated via analytics.urban-vpn.com and stats.urban-vpn.com |
| Implementation Date | July 9, 2025 | Version 5.5.0 introduced silent harvesting |
| Business Model | Data sold to BiScience (data broker) | Used for marketing analytics |
Key points
- Extensions override browser fetch/XMLHttpRequest to intercept AI API traffic
- Harvesting runs continuously—unaffected by VPN status or user settings
- Consent prompt frames monitoring as protective; privacy policy admits data is sold
- Featured badges from Google/Microsoft imply safety, masking the surveillance
- No granular opt-out; harvesting persists even when AI protection is disabled
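The first key point, overriding fetch/XMLHttpRequest, leaves a trace a defender can check for in the page itself. The JavaScript below is an added example, not code from Koi's report or from the extensions; the names `findPatchedNetworkApis`, `looksNative` and `makeWindow` are hypothetical, and the sample windows are constructed stand-ins so the check also runs outside a browser.

```javascript
// Added example (not Koi's or the extensions' code): list network APIs on a
// window-like object that are no longer browser built-ins.
const TARGETS = {
  "fetch": (w) => w.fetch,
  "XMLHttpRequest.prototype.open": (w) => w.XMLHttpRequest?.prototype.open,
  "XMLHttpRequest.prototype.send": (w) => w.XMLHttpRequest?.prototype.send,
};
const NATIVE_RE = /^function\s*[\w$]*\s*\([^)]*\)\s*\{\s*\[native code\]\s*\}$/;

// Call the intrinsic toString so a wrapper cannot answer with its own
// toString property. Limitation: a Proxy around the native function still
// stringifies as native code, so a clean result is not proof of absence.
function looksNative(fn) {
  return NATIVE_RE.test(Function.prototype.toString.call(fn).trim());
}

function findPatchedNetworkApis(win) {
  const findings = [];
  for (const [name, get] of Object.entries(TARGETS)) {
    const fn = get(win);
    if (typeof fn !== "function") {
      findings.push({ api: name, reason: "missing or not a function" });
    } else if (!looksNative(fn)) {
      findings.push({ api: name, reason: "replaced by script-defined function" });
    } else if (Object.prototype.hasOwnProperty.call(fn, "toString")) {
      findings.push({ api: name, reason: "own toString masks the source" });
    }
  }
  return findings;
}

// Constructed stand-ins: real built-ins (Math.max, Array.prototype.push/pop)
// play the untouched native APIs so the check runs without a browser.
function makeWindow(fetchImpl) {
  function XHR() {}
  XHR.prototype.open = Array.prototype.push;
  XHR.prototype.send = Array.prototype.pop;
  return { fetch: fetchImpl, XMLHttpRequest: XHR };
}
const cleanWindow = makeWindow(Math.max);
// Constructed wrapper standing in for an overridden fetch that also fakes toString.
const hookedWindow = makeWindow(function fetch(...args) { return Math.max(...args); });
hookedWindow.fetch.toString = () => "function fetch() { [native code] }";

// In a browser: findPatchedNetworkApis(window) from the AI site's DevTools console.
```

Run it on the AI site's own page, once with extensions enabled and once in a profile without them; a difference between the two results points at an extension rather than the site's own scripts.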
Timeline
- Before v5.5.0 — No AI conversation harvesting
- July 9, 2025 — Version 5.5.0 adds silent AI harvesting
- July 2025–Present — All targeted AI conversations exfiltrated
Why This Matters
Browser extensions with trusted store badges harvested deeply personal AI chats at massive scale. This exposes critical gaps in marketplace review processes and the risks of unchecked extension permissions.