A deceptive Chrome extension named ChatGPT Ad Blocker, available on the official Chrome Web Store, has been caught harvesting users' private conversations with the AI chatbot. The extension cloned the DOM of ChatGPT pages to extract any text longer than 150 characters, then exfiltrated entire conversations through a Discord webhook to a bot called Captain Hook. The operation stayed hidden by polling a GitHub-hosted file hourly for updated instructions, which let the attackers change tactics remotely without users noticing.
The developer behind the extension, operating under the handle krittinkalra, is also linked to the legitimate AI platforms Writecream and AI4ChatCo, which claim over 1.5 million users. The account had been inactive for five years before suddenly resuming activity with this malicious tool, raising suspicions that it may have been compromised. DomainTools researchers note that while no evidence yet proves other apps by this developer are stealing data, the sudden shift from harmless software to malware is alarming.
Stolen information included not only chat content but also technical metadata and interface state. The campaign coincided with OpenAI's introduction of ads for free-tier users, exploiting the resulting demand for ad-blocking solutions. Researchers have linked the scam to suspicious websites including blockaiads.com and gptadblock.com. Users are advised to avoid third-party ad blockers for ChatGPT and rely on official settings instead, as any intermediary extension is in a position to intercept private conversations.
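The behaviours described above (DOM cloning, a 150-character minimum, a Discord webhook sink, hourly polling of a GitHub file) can be turned into a static triage check for unpacked extension scripts. The script below is an added example for defenders, not code from the extension or from DomainTools; its regex heuristics and the two inline JavaScript samples are constructed for illustration.

```python
import re

# Static triage of an unpacked Chrome extension's scripts for the behaviours reported
# for "ChatGPT Ad Blocker": DOM cloning, a minimum-length text filter, a Discord webhook
# sink, and hourly polling of a remote (GitHub-hosted) instruction file.
# Patterns are constructed heuristics for illustration, not signatures from the extension.
INDICATORS = {
    "dom_clone":       re.compile(r"\.cloneNode\(\s*true\s*\)"),
    "length_filter":   re.compile(r"\.length\s*>=?\s*150\b"),
    "discord_webhook": re.compile(r"discord(?:app)?\.com/api/webhooks/", re.I),
    "github_remote":   re.compile(r"raw\.githubusercontent\.com/|github\.com/\S+/raw/", re.I),
    "hourly_alarm":    re.compile(r"chrome\.alarms\.create\([^)]*periodInMinutes\s*:\s*60\b"),
    "hourly_interval": re.compile(r"setInterval\([^;]*?(?:3600000|60\s*\*\s*60\s*\*\s*1000)"),
}
COLLECTION = {"dom_clone", "length_filter"}
EXFIL = {"discord_webhook"}
REMOTE_CTL = {"github_remote", "hourly_alarm", "hourly_interval"}

def scan_source(js: str) -> dict:
    """Return {indicator: hit_count} for every indicator present in one script."""
    return {name: len(rx.findall(js)) for name, rx in INDICATORS.items() if rx.search(js)}

def assess(hits: dict) -> str:
    """Combine indicator classes: page-content collection plus an exfil sink is the red flag."""
    found = set(hits)
    if found & COLLECTION and found & EXFIL:
        return "high: page content collection paired with a webhook exfiltration sink"
    if found & EXFIL or found & REMOTE_CTL:
        return "medium: remote sink or remotely controlled behaviour, review manually"
    return "low: no reported-campaign indicators"

# Constructed samples: a cosmetic ad blocker, and fragments mirroring the reported behaviour.
BENIGN_JS = """
document.querySelectorAll('[data-testid="ad-slot"]').forEach(el => el.remove());
"""
SUSPECT_JS = """
const copy = document.body.cloneNode(true);
const text = copy.innerText;
if (text.length > 150) { queue.push(text); }
const SINK = "https://discord.com/api/webhooks/<constructed-placeholder>";
chrome.alarms.create("cfg", { periodInMinutes: 60 });
fetch("https://raw.githubusercontent.com/<constructed-placeholder>/cfg.json");
"""

if __name__ == "__main__":
    for label, src in (("benign", BENIGN_JS), ("suspect", SUSPECT_JS)):
        hits = scan_source(src)
        print(label, hits, "->", assess(hits))
```

Point the scanner at every `.js` file in an unpacked extension directory and treat a "high" verdict as a reason to remove the extension and rotate anything pasted into the chat.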
