Global enthusiasm for artificial intelligence has created fertile ground for new cyber threats, pushing hundreds of thousands of users to download tools that promise to improve productivity but that, in reality, operate as sophisticated surveillance tools.
A recent investigation by security researchers at LayerX has uncovered a wide-ranging operation named “AiFrame”, which involves about thirty extensions for the Google Chrome browser.
These add-ons, masquerading as virtual assistants and translators based on GPT or Gemini, have been designed to steal credentials, read the content of personal communications and monitor browsing activity.
These Chrome extensions with 300,000 users are actually malware

Although some of these applications have been removed from the Chrome Web Store, many could still be present on devices or accessible via online repositories.
It is essential to immediately verify whether any of the following components are installed in your browser, identified by BleepingComputer and LayerX with their respective identifiers and the approximate number of affected users:
- Gemini AI Sidebar (fppbiomdkfbhgjjdmojlogeceejinadg) – 80,000 users
- AI Sidebar (gghdfkafnhfpaooiolhncejnlgglhkhe) – 70,000 users
- AI Assistant (nlhpidbjmmffhoogcennoiopekbiglbp) – 60,000 users
- ChatGPT Translate (acaeafediijmccnjlokgcdiojiljfpbe) – 30,000 users
- AI GPT (kblengdlefjpjkekanpoidgoghdngdgl) – 20,000 users
- ChatGPT (llojfncgbabajmdglnkbhmiebiinohek) – 20,000 users
- AI Sidebar (djhjckkfgancelbmgcamjimgphaphjdl) – 10,000 users
- Google Gemini (fdlagfnfaheppaigholhoojabfaapnhb) – 10,000 users
It is worth noting that the names may vary slightly, but the internal structure and illicit purposes remain identical for all variants involved in the campaign.
A Deceptive Architecture
The analysis revealed that all extensions share the same JavaScript logic and communicate with a single backend infrastructure under the domain “tapnetic.pro”.
The method used to bypass security checks is particularly insidious. These add-ons do not implement AI capabilities locally. Instead, they generate a full-screen window (iframe) that loads content directly from the remote domain controlled by the attackers.
This strategy allows cybercriminals to modify the extension’s behavior at any time, adding malicious features without releasing an official update that would require a new Google review.
Gmail Privacy Violation
The most critical aspect revealed by the report concerns the specific activity on Gmail. About half of the catalogued extensions include dedicated scripts that activate as soon as the user signs into their mailbox (mail.google.com).
Using libraries to extract text, the software is able to read and copy the content of visible emails, including drafts not yet sent. When the user requests a summary or an AI-assisted reply, the data is transmitted to external servers, leaving Google’s account security perimeter for good.
In some cases, leveraging the Web Speech APIs, the extensions can even activate the microphone to transcribe and send ambient conversations.
In light of such evidence, the recommendation is simple: immediately remove any extension that is listed above or of dubious origin, and change the passwords for all sensitive accounts used during the infection period.
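To check a machine against the identifiers listed above, and to catch renamed variants through the shared tapnetic.pro backend, the following Python script is an added example and not tooling from LayerX or BleepingComputer. It assumes Chrome's standard on-disk layout `<User Data>/<profile>/Extensions/<extension id>/` and the default install locations; the function names are illustrative.

```python
import os
from pathlib import Path

# Extension IDs copied from the list in this article.
AIFRAME_IDS = {
    "fppbiomdkfbhgjjdmojlogeceejinadg", "gghdfkafnhfpaooiolhncejnlgglhkhe",
    "nlhpidbjmmffhoogcennoiopekbiglbp", "acaeafediijmccnjlokgcdiojiljfpbe",
    "kblengdlefjpjkekanpoidgoghdngdgl", "llojfncgbabajmdglnkbhmiebiinohek",
    "djhjckkfgancelbmgcamjimgphaphjdl", "fdlagfnfaheppaigholhoojabfaapnhb",
}
BACKEND = b"tapnetic.pro"  # backend domain named in the article

def chrome_roots():
    """Standard Chrome 'User Data' directories on Linux, macOS and Windows."""
    home = Path.home()
    roots = [home / ".config/google-chrome",
             home / "Library/Application Support/Google/Chrome"]
    if os.environ.get("LOCALAPPDATA"):
        roots.append(Path(os.environ["LOCALAPPDATA"], "Google/Chrome/User Data"))
    return [r for r in roots if r.is_dir()]

def references_backend(ext_dir):
    """True if any script, manifest or page in the extension names the backend."""
    for f in ext_dir.rglob("*"):
        if f.suffix.lower() in (".js", ".json", ".html") and f.is_file():
            try:
                if BACKEND in f.read_bytes():
                    return True
            except OSError:
                pass  # unreadable file: skip it
    return False

def scan(user_data_root):
    """Return sorted (profile, extension_id, reason) tuples for one root."""
    hits = []
    for ext_dir in Path(user_data_root).glob("*/Extensions/*"):
        if not ext_dir.is_dir():
            continue
        profile = ext_dir.parent.parent.name
        if ext_dir.name in AIFRAME_IDS:
            hits.append((profile, ext_dir.name, "listed ID"))
        elif references_backend(ext_dir):
            hits.append((profile, ext_dir.name, "references " + BACKEND.decode()))
    return sorted(hits)

if __name__ == "__main__":
    for root in chrome_roots():
        for hit in scan(root):
            print(root, *hit, sep=" | ")
```

A "references tapnetic.pro" hit is a lead to review rather than proof, since a blocklist or security extension may legitimately contain the domain string. Because the extensions load their behavior from a remote iframe, a clean result for the domain search does not clear an extension whose ID is on the list.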



