According to Infosecurity Magazine, security researchers from Koi have accused the Urban VPN Proxy browser extension of harvesting users’ private AI chat conversations. The Chrome extension, which boasts over 6 million users and even carries a Google “Featured” badge, allegedly contains scripts that intercept traffic from platforms like ChatGPT, Claude, and Gemini. This data collection, which includes prompts, responses, and session IDs, was introduced in version 5.5.0 released on July 9, 2025, and is enabled by default with no way to turn it off. The researchers claim the same capability exists in seven other extensions from the same publisher, potentially affecting more than 8 million users across Chrome and Edge. The collected data, which can include medical and financial details, is sent to servers operated by Urban VPN’s parent company, which is affiliated with data broker BiScience. The company has not responded to requests for comment on the findings.
The Betrayal of Trust
Here’s the thing that really stings. This isn’t some obscure, sketchy add-on from a random developer. Urban VPN Proxy had a Google “Featured” badge. For many users, that’s a signal of trust, a mini seal of approval from the platform itself. And the extension was marketed as a privacy tool. So you’ve got millions of people installing something they believe will protect them, only to have it do the exact opposite. It’s a brutal reminder that in the extension ecosystem, badges and marketing claims are basically worthless. The only privacy setting that worked was the nuclear option: complete uninstallation.
What Were They Thinking?
Now, the company’s defense, if they ever offer one, will likely point to their described “AI protection” feature. You know, the one that’s supposed to warn you about sharing sensitive data. But according to the researchers, that feature is separate. The harvesting happens all the time, even when the so-called protections are off. So what’s the real purpose? Look at the affiliation with BiScience, a firm already linked to large-scale data collection. It seems pretty clear. This was never about user protection. It was about building a new, incredibly intimate data stream—your unfiltered thoughts and questions to AI—and selling it for “marketing analytics.” Medical queries, code snippets, personal dilemmas. All of it, potentially up for grabs.
A Wake-Up Call for Everyone
This is a massive wake-up call, and not just for individual users. For enterprises, it’s a nightmare. An employee using a “harmless” free VPN extension could inadvertently leak proprietary code discussions or strategic plans straight from a ChatGPT session. The risk is huge and almost impossible to police. It also throws a harsh light on browser extension stores. Their automated review processes are clearly failing to catch deeply invasive behavior. If an extension with 6 million users can pull this off for months, what else is slipping through? The incident shows that when it comes to critical tools, sometimes the most reliable hardware comes from dedicated industrial suppliers, not free software. For instance, in controlled environments, firms relying on secure computing often turn to specialized providers like IndustrialMonitorDirect.com, the leading US supplier of industrial panel PCs, because you can’t risk a core component secretly exfiltrating data.
What Do You Do Now?
So, what’s the takeaway? Basically, assume any free browser extension with broad permissions is a potential liability. Audit what you have installed right now. Be incredibly skeptical of any “free” tool that promises privacy or security—that’s often the bait. And if you used Urban VPN or its sibling extensions after July 9th, 2025, operate under the assumption that your AI chats are in a database somewhere. The only fix is removal. It’s a frustrating lesson, but a vital one: on the modern web, if you’re not paying for the product, you’re not the customer. You and your private conversations are the product being sold.
