Overview
- LayerX researchers identified at least 16 browser add‑ons posing as ChatGPT productivity tools, with 15 on the Chrome Web Store and one on the Microsoft Edge marketplace.
- A script injected into chatgpt.com monitors outbound requests to exfiltrate session tokens along with metadata, usage telemetry, and backend‑issued access tokens.
- Stolen tokens let attackers impersonate victims to access chat histories and connected services such as Slack and GitHub.
- The extensions share code, branding, upload timing, and infrastructure linked to domains including chatgptmods.com and Imagents.top, indicating a single coordinated actor.
- Roughly 900 installs have been recorded so far and the listings remain available. Researchers urge users to remove suspicious AI‑related extensions, as one even displayed a Chrome Web Store “featured” badge.
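
To act on the removal advice above, the following added example (not code from LayerX or from the original report) lists installed extensions whose manifests grant content-script or host access to chatgpt.com, the site the injected script targets. The `Extensions/<id>/<version>/manifest.json` profile layout is an assumption about a desktop Chrome or Edge profile, and the sample manifest is constructed.

```python
import json
import re
from pathlib import Path

TARGET_HOST = "chatgpt.com"  # site named in the report
BROAD = {"<all_urls>", "*://*/*", "http://*/*", "https://*/*"}
# Constructed sample manifest (not taken from any real extension).
SAMPLE = {"name": "Example helper", "manifest_version": 3,
          "permissions": ["storage"], "host_permissions": ["https://chatgpt.com/*"],
          "content_scripts": [{"matches": ["*://*.chatgpt.com/*"], "js": ["inject.js"]}]}

def pattern_covers(pattern, host=TARGET_HOST):
    """True if a Chrome match pattern grants access to `host`."""
    if pattern in BROAD:
        return True
    m = re.match(r"^(\*|https?|wss?|file|ftp)://([^/]*)(/.*)?$", pattern)
    if not m:
        return False  # API permission names such as "storage" land here
    pat_host = m.group(2)
    if pat_host == "*":
        return True
    if pat_host.startswith("*."):
        base = pat_host[2:]
        return host == base or host.endswith("." + base)
    return host == pat_host

def audit_manifest(manifest):
    """Return findings describing how an extension can reach the target host."""
    findings = []
    for cs in manifest.get("content_scripts", []):
        if any(pattern_covers(p) for p in cs.get("matches", [])):
            findings.append("content_script: " + ", ".join(cs.get("js", [])))
    for key in ("host_permissions", "optional_host_permissions", "permissions"):
        hits = [p for p in manifest.get(key, []) if isinstance(p, str) and pattern_covers(p)]
        if hits:
            findings.append(f"{key}: " + ", ".join(hits))
    return findings

def audit_profile(extensions_dir):
    """Scan <profile>/Extensions/<id>/<version>/manifest.json (assumed layout)."""
    report = {}
    for path in Path(extensions_dir).glob("*/*/manifest.json"):
        try:
            manifest = json.loads(path.read_text(encoding="utf-8-sig"))
        except (OSError, ValueError):
            continue  # unreadable or malformed manifest: skip, do not abort the scan
        if findings := audit_manifest(manifest):
            report[path.parent.parent.name] = (manifest.get("name"), findings)
    return report
```

A hit means the extension is able to run code on or read traffic for chatgpt.com, not that it is malicious; treat the output as a review list and compare each extension ID against what the user knowingly installed.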