Researchers have discovered a serious security risk in which malicious browser extensions target ChatGPT users. 16 malicious Chrome extensions have been found to be part of a coordinated campaign. All of these extensions are made to look like trustworthy productivity tools and ChatGPT enhancement apps.

By actively stealing ChatGPT session authentication tokens, these malicious extensions give attackers full access to their victims' accounts and conversations. The campaign capitalizes on the growing ubiquity of AI-driven browser extensions: as more people install such tools to boost their productivity with ChatGPT and related platforms, threat actors have spotted an opportunity to exploit the trend. The extensions mimic reputable productivity apps with convincing names and branding, making it hard for ordinary users to tell malicious software from legitimate software.

Figure: Fetch API Hooking (Source: LayerX Research)

These extensions trick users into installing them through the official Chrome Web Store by posing as official ChatGPT enhancement tools. The coordinated campaign was discovered by LayerX Research analysts using detection techniques and code analysis. The researchers found that the malicious code in all 16 extensions is almost identical, indicating that a single threat actor is behind a large-scale theft operation.

Figure: Extraction of Authorization Tokens (Source: LayerX Research)

This finding demonstrates the increasing sophistication of organized threat actors in specifically targeting users of AI platforms.

Interception of Session Tokens and Account Access

The infection mechanism of these extensions relies on a technique known as session token interception.

Installing one of these malicious extensions causes malicious code to be injected into ChatGPT-accessible pages right away.

Figure: Content Script's primary world setting (Source: LayerX Research)

The extension then targets the page's window object and hooks the browser's fetch function, which handles web requests. As a result, the malware can monitor all outgoing traffic from ChatGPT's official website.

The extension discreetly extracts these session tokens whenever it finds requests carrying authorization headers, the digital keys that ChatGPT's servers use to verify a user's identity. The tokens are then sent to servers under the attacker's control. With valid session tokens, criminals can fully impersonate users and gain access to all ChatGPT conversations, stored data, and connected services such as Google Drive, Slack, and GitHub.
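The manifest setting the report highlights, a content script running in the page's MAIN world on ChatGPT hosts, is what lets an extension replace window.fetch and read Authorization headers. The following is an added triage script (not LayerX's code or the extensions' code) that flags that pattern in a Chrome MV3 manifest; the host list, function names and sample manifest are constructed for this example.

```javascript
// Added example (not LayerX's code): triage a Chrome MV3 manifest for the
// setting the report highlights, a content script with "world": "MAIN" on
// ChatGPT hosts, which lets it replace window.fetch and read Authorization
// headers. The sample manifest below is constructed.

const CHATGPT_HOSTS = ["chatgpt.com", "chat.openai.com"];

// True when a Chrome match pattern ("*://*.openai.com/*", "<all_urls>", ...)
// covers one of the ChatGPT hosts.
function coversChatGpt(pattern) {
  if (pattern === "<all_urls>") return true;
  const m = /^(?:\*|https?):\/\/(\*\.)?([^/]+)\//.exec(pattern);
  if (!m) return false;
  const [, wildcardSub, host] = m;
  if (host === "*") return true;
  return CHATGPT_HOSTS.some(
    (h) => h === host || (wildcardSub !== undefined && h.endsWith("." + host))
  );
}

// Content scripts that run in the MAIN world on ChatGPT pages. Scripts in the
// default ISOLATED world share the DOM but not the page's JS globals, so they
// cannot overwrite window.fetch directly.
function findRiskyContentScripts(manifest) {
  const findings = [];
  for (const cs of manifest.content_scripts || []) {
    const onChatGpt = (cs.matches || []).some(coversChatGpt);
    if (onChatGpt && cs.world === "MAIN") {
      findings.push({ js: cs.js || [], matches: cs.matches });
    }
  }
  return findings;
}

// Constructed sample: one harmless UI script plus the risky pattern.
const SAMPLE_MANIFEST = {
  manifest_version: 3,
  name: "Constructed Productivity Helper",
  content_scripts: [
    { matches: ["*://*.example.com/*"], js: ["ui.js"] },
    { matches: ["*://chatgpt.com/*", "*://*.openai.com/*"], js: ["inject.js"],
      world: "MAIN", run_at: "document_start" },
  ],
};

for (const f of findRiskyContentScripts(SAMPLE_MANIFEST)) {
  console.log(`MAIN-world script on ChatGPT hosts: ${f.js.join(", ")}`);
}
```

An isolated-world script can still inject a script element into the page, so a clean result is a triage signal rather than a verdict; the flagged scripts are the ones to read for fetch hooking.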

Figure: Visual Similarities (Source: LayerX Research)

Because the tokens provide account-level access comparable to that of the legitimate user, attackers need neither crack passwords nor exploit software flaws. This stealth-based approach means traditional security tools frequently miss the theft. Beyond authentication tokens, the malicious extensions also collect usage telemetry and extension metadata.

Attackers can use this information to identify patterns in user behavior and maintain long-term, persistent access to compromised accounts. Across all variants, the campaign has produced about 900 installations; however, researchers stress that this figure may rise quickly as AI-focused extensions become more widely used. Users and organizations should treat AI-integrated browser extensions as high-risk software that must be thoroughly vetted before use.

Security teams should put extension monitoring tooling in place and set up rules limiting third-party AI tools that require deep browser integration.