You needed help writing emails. Or summarizing articles. Or maybe you wanted AI that could read PDFs and answer questions about them. So you went to the Chrome Web Store, found an extension with 4.5 stars and 50,000 users, and clicked install.
It asked for permission to "read and change all your data on the websites you visit." You clicked Allow. Everyone does.
That extension is reading everything you type right now. Every email. Every password reset. Every login. Every prompt you send to ChatGPT. Every document you upload. It's not helping you — it's harvesting you.
And it's not just one extension. Unit 42 just identified dozens of them. They're all marketed as AI productivity tools. They all have clean websites and friendly branding. And they're all doing the exact same thing: stealing credentials, intercepting your work, and sending everything to servers you've never heard of.
You thought you were installing a writing assistant. You actually installed a wiretap.
The Trojan Horse Looks Like Customer Support
Here's how it works — and why it's so effective.
Browser extensions can request different levels of permission. Most legitimate tools ask for narrow access: "Read data on docs.google.com" or "Modify text in Gmail." That's reasonable. You know what they're touching.
But these AI extensions ask for everything. "Read and change all your data on all websites." That means every site you visit, every form you fill out, every password manager autofill, every session token that keeps you logged in — the extension sees it all in real time.
The extensions Unit 42 analyzed weren't just watching passively. They were intercepting. When you typed a prompt into ChatGPT, the extension grabbed it before OpenAI saw it. When you pasted a document for AI to summarize, the extension copied it first. When you logged into your bank, the extension recorded your session.
Then it sent everything to external servers. Not OpenAI. Not Google. Random domains registered in countries with no data protection laws.
And here's the part that should make you furious: the Chrome Web Store approved them. These extensions passed review. They got listed publicly. Google's own marketplace told you they were safe to install.
Some of these extensions have been downloaded hundreds of thousands of times. The people using them include executives, lawyers, doctors, teachers, HR managers — people handling sensitive data every single day. And none of them know they've been compromised.
AI Made This Worse, But We Made It Easy
Two things happened in the last 18 months that turned this into an epidemic.
First, AI tools exploded. ChatGPT hit 100 million users faster than any product in history. Every company on earth started asking employees to "experiment with AI." People got told to find tools that make them faster. So they did. They Googled "best AI Chrome extensions" and installed whatever came up first.
Second, we stopped reading permission requests. We're numb to them now. Every app wants access to everything. Your weather app wants your contacts. Your flashlight app wants your location. After the 200th permission popup, you just click yes. The friction is gone. And attackers know it.
AI tools also create perfect cover. Of course an AI writing assistant needs to read your email — how else would it suggest replies? Of course an AI research tool needs access to every website — it has to summarize articles, right? The permission request sounds reasonable until you realize what "read and change all data" actually means.
Meanwhile, the Chrome Web Store has no meaningful vetting for data handling. Google checks if the code is malicious at install time. But these extensions aren't technically malware — they do what they claim. They just also steal everything you type. That's not a bug. That's the business model.
What You Can Do Right Now
You don't need a security team to fix this. You need ten minutes.
1. Audit your extensions today.
Open Chrome (or Edge or Brave). Go to Settings → Extensions. Look at every single one. If you don't remember installing it, remove it. If you installed it more than six months ago and haven't used it in weeks, remove it. If it's an AI tool you found through a random blog post, remove it.
2. Check permissions on everything that's left.
Click "Details" under each extension. Scroll to "Permissions." If it says "Read and change all your data on all websites" and it's not a password manager or ad blocker you trust with your life, remove it immediately.
3. Stop using browser extensions for AI.
Go directly to ChatGPT, Claude, or Gemini in a browser tab. Copy and paste manually. Yes, it's slower. It's also not sending your company's financial data to a server in Belarus.
4. If you manage a team, ban unapproved extensions.
Your IT team can enforce this with browser policies. If you don't have IT, create a list of pre-approved tools and make it clear that anything else is a fireable offense. One compromised extension can expose your entire company.
5. Tell someone.
Most people still have no idea this is happening. If you're a parent, check your kids' Chromebooks. If you run a business, check your employees' laptops. If you're a teacher, check the school's approved tools list. These extensions are everywhere.
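Steps 1 and 2 above can be done in bulk for a whole browser profile. The script below is an added example, not part of the original article: it reads each installed extension's manifest.json and reports the ones that request access to every site. It assumes Chrome's on-disk layout of `Extensions/<extension id>/<version>/manifest.json`; the two manifests in `demo()` are constructed for illustration and are not real extensions.

```python
import json
import tempfile
from pathlib import Path

# Match patterns that cover every site the browser visits.
ALL_SITES = {"<all_urls>", "*://*/*", "http://*/*", "https://*/*"}

def broad_grants(manifest):
    """Return (manifest key, pattern) pairs that give the extension access to every site."""
    hits = []
    # MV2 mixes host patterns into "permissions"; MV3 moves them to "host_permissions".
    for key in ("permissions", "host_permissions", "optional_host_permissions"):
        hits += [(key, p) for p in manifest.get(key, []) if isinstance(p, str) and p in ALL_SITES]
    # Content scripts declared for every URL run in each page and can read its DOM.
    for script in manifest.get("content_scripts", []):
        hits += [("content_scripts.matches", m) for m in script.get("matches", []) if m in ALL_SITES]
    return hits

def audit(extensions_dir):
    """Scan <extensions_dir>/<extension id>/<version>/manifest.json; map id -> findings."""
    report = {}
    for path in sorted(Path(extensions_dir).glob("*/*/manifest.json")):
        try:
            manifest = json.loads(path.read_text(encoding="utf-8-sig"))
        except (OSError, ValueError):
            continue  # unreadable or malformed manifest: skip it, keep auditing the rest
        hits = broad_grants(manifest)
        if hits:
            # "name" may be a __MSG_...__ locale placeholder; the directory id is the stable handle.
            report[path.parent.parent.name] = {"name": manifest.get("name", "?"), "grants": hits}
    return report

def demo():
    """Run the audit over two constructed manifests (not real extensions)."""
    samples = {
        "constructed-ai-helper": {"manifest_version": 3, "name": "AI Helper (constructed)",
            "permissions": ["storage"], "host_permissions": ["<all_urls>"],
            "content_scripts": [{"matches": ["*://*/*"], "js": ["c.js"]}]},
        "constructed-docs-tool": {"manifest_version": 3, "name": "Docs Tool (constructed)",
            "host_permissions": ["https://docs.google.com/*"]},
    }
    with tempfile.TemporaryDirectory() as root:
        for ext_id, manifest in samples.items():
            version_dir = Path(root, ext_id, "1.0_0")
            version_dir.mkdir(parents=True)
            (version_dir / "manifest.json").write_text(json.dumps(manifest))
        return audit(root)

if __name__ == "__main__":
    print(json.dumps(demo(), indent=2))
```

To audit a real profile, call `audit()` on its Extensions directory, for example `~/.config/google-chrome/Default/Extensions` on Linux, `~/Library/Application Support/Google/Chrome/Default/Extensions` on macOS, or `%LOCALAPPDATA%\Google\Chrome\User Data\Default\Extensions` on Windows. Every ID it reports is a candidate for the removal decision in step 2.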
Have You Seen This Yet?
Have you checked your browser extensions in the last six months? Did you find anything installed that you don't remember adding — or something that's asking for way more permission than it should?
