Associated Incidents
A popular Google Chrome browser extension has been found to be harvesting anything its users prompted into most of the biggest AI tools around, as well as collecting the chatbot's responses, all apparently in order to earn an extra few dollars for its owners.
Urban VPN Proxy has more than six million installations, and a 4.7/5 rating on the Google Chrome Web Store - and on the Microsoft Edge Add-ons marketplace, it has an additional 1.3 million installations.
It used to work as your ordinary VPN - by hiding the user's actual IP address and thus working around geoblocks and other various restrictions. However, as Koi security researchers discovered, on July 9 2025, the extension was updated with version 5.5.0, which introduced the AI harvesting by default.
Privacy policy updates
Anything users typed into ChatGPT, Anthropic Claude, Microsoft Copilot, DeepSeek, Google Gemini, Grok, Meta AI, and Perplexity, would be picked up, as well as anything these tools returned. Furthermore, the extension also extracted conversation identifiers, timestamps, session metadata, and which AI platform and model was used.
The company behind the extension, called Urban Cyber Security, isn't hiding its practices, noting in its privacy policy document how it's harvesting "anonymized" data and sharing it with BIScience - another company it owns.
This company is an affiliated ad intelligence and brand monitoring organization. In other words, it analyzes large-scale, anonymized online behavior, helping businesses understand advertising performance, consumer journeys, and competitive activity.
While Urban says it removes personally identifiable data and does its best not to share sensitive information, the company stresses this cannot be guaranteed.
"However, the purpose of this processing is not to collect personal or identifiable data, we cannot fully guarantee the removal of all sensitive or personal information, we implement measures to filter out or eliminate any identifiers or personal data you may submit through the prompts and to de-identify and aggregate the data," the privacy policy reads.
Koi researchers said the same company has multiple extensions, all of which are harvesting the same data - 1ClickVPN Proxy, Urban Browser Guard, and Urban Ad Blocker.