Browser extensions powered by artificial intelligence have become a favored method for cybercriminals aiming to collect sensitive user data. Recent investigations by security experts at LayerX have uncovered multiple schemes, including a prevalent one known as AiFrame, which targets users of Chrome, Firefox, and Edge. This campaign has introduced around 30 deceptive Chrome add-ons that masquerade as popular AI assistants such as Claude, ChatGPT, Gemini, Grok, and "AI Gmail," amassing over 300,000 installations collectively.
Disguised Extensions Mimic Trusted AI Tools
The extensions linked to AiFrame present themselves as legitimate AI applications designed for summarization, chatting, writing, and Gmail support. However, once these extensions are installed, they provide attackers with extensive remote access to the user's browser. Observed functionalities include voice recognition, pixel tracking, and the ability to read email content. Experts emphasize that these extensions are capable of gathering data and monitoring user activities extensively.
Despite the varied names and branding of the extensions analyzed by LayerX, all 30 share the same internal architecture, logic, permissions, and backend systems. Rather than executing functions locally on the user's device, they display a full-screen iframe that loads remote content as their interface. This design enables attackers to implement changes silently at any moment without needing an update from the Chrome Web Store.
LayerX has published a comprehensive list of the names and extension IDs for users to reference. Given that cybercriminals often utilize familiar or generic branding, such as "Gemini AI Sidebar" and "ChatGPT Translate," identifying these fakes may not be straightforward. Users with AI assistants installed in Chrome should navigate to chrome://extensions, activate Developer mode in the upper right corner, and search for the ID listed beneath the extension name. It is advisable to remove any malicious add-ons and reset passwords promptly.
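An added example, not from LayerX or the original article, that automates the ID check described above across a whole Chrome profile. It assumes the on-disk layout `Extensions/<id>/<version>/manifest.json`; the blocklist entry is a constructed placeholder to be replaced with the published IDs, and the function names are hypothetical.

```python
import json, re, tempfile
from pathlib import Path

# Placeholder ID (constructed): load the real IDs from the LayerX list instead.
BLOCKLIST = {"a" * 32}
# Brands the article says the fakes imitate; a name hit only means "verify the ID".
BRANDS = re.compile(r"claude|chatgpt|gemini|grok|ai gmail", re.I)
ID_RE = re.compile(r"[a-p]{32}")  # Chrome extension IDs use the letters a-p
def display_name(vdir, manifest):
    """Resolve a localized "__MSG_key__" name via _locales/<default_locale>/messages.json."""
    name = manifest.get("name", "")
    m = re.fullmatch(r"__MSG_(\w+)__", name)
    if not m:
        return name
    path = vdir / "_locales" / manifest.get("default_locale", "en") / "messages.json"
    try:
        msgs = json.loads(path.read_text("utf-8-sig"))
    except (OSError, ValueError):
        return name
    hits = [v.get("message", name) for k, v in msgs.items() if k.lower() == m.group(1).lower()]
    return hits[0] if hits else name

def audit(ext_root, blocklist=BLOCKLIST):
    """Return sorted (id, name, verdict) rows for <profile>/Extensions/<id>/<version>/."""
    rows = []
    for mf in Path(ext_root).glob("*/*/manifest.json"):
        ext_id = mf.parent.parent.name
        if not ID_RE.fullmatch(ext_id):
            continue  # not an extension directory
        try:
            name = display_name(mf.parent, json.loads(mf.read_text("utf-8-sig")))
        except (OSError, ValueError, AttributeError):
            name = "<unreadable manifest>"
        verdict = ("blocklisted" if ext_id in blocklist
                   else "review" if BRANDS.search(name) else "ok")
        rows.append((ext_id, name, verdict))
    return sorted(rows)

def make_sample(root):
    """Constructed sample tree: one blocklisted ID, one brand-named add-on, one benign."""
    for ext_id, name in [("a" * 32, "Gemini AI Sidebar"), ("b" * 32, "ChatGPT Translate"), ("c" * 32, "Tab Sorter")]:
        vdir = Path(root, ext_id, "1.0_0", "_locales", "en")
        vdir.mkdir(parents=True)
        (vdir / "messages.json").write_text(json.dumps({"appName": {"message": name}}))
        (vdir.parents[1] / "manifest.json").write_text(json.dumps({"name": "__MSG_appName__", "default_locale": "en"}))

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as d:
        make_sample(d)
        print(*audit(d), sep="\n")
```

Only the ID match is authoritative; a "review" verdict means the name resembles one of the imitated brands and its ID should be compared against the published list by hand.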
As reported by BleepingComputer, while some malicious extensions have been removed from the Chrome Web Store, others continue to exist. A few have even earned the "Featured" badge, which enhances their perceived legitimacy. Attackers have demonstrated the ability to quickly republish extensions under new names using the existing infrastructure, suggesting that this campaign and similar ones may continue. Users should always scrutinize extensions carefully (relying solely on familiar names like ChatGPT is not sufficient) and be aware that even AI-driven add-ons from reputable sources can exhibit highly invasive behaviors.