Malicious ad-blocker extensions caught secretly reading users' AI chats

Two popular browser extensions posing as ad blockers have been quietly logging the AI chats of around 90,000 users. Security researchers at MalExt Sentry uncovered the campaign on June 13, 2026, dubbing it PromptSnatcher. While the extensions do indeed block ads, they also covertly record users’ entire conversations with eight AI platforms, including ChatGPT and Gemini.

These two extensions are culprits

The extensions identified by researchers are “Smart Adblocker” (extension ID iojpcjjdfhlcbgjnpngcmaojmlokmeii, approximately 80,000 users) and “Adblock for Browser” (ID jcbjcocinigpbgfpnhlpagidbmlngnnn, approximately 10,000 users). Both make use of the same infrastructure and hidden data engine, which the researchers refer to internally as “Panel 231”. To avoid raising suspicion, they block real ads using public filter lists and conceal their data collection behind a harmless-sounding consent option for “Enhanced Protection”, without mentioning AI chats

What the extensions covertly record

The built-in data engine targets eight AI platforms: ChatGPT, Gemini, Claude, Copilot, Perplexity, DeepSeek, Grok, and Meta AI. It taps directly into the websites’ data traffic and captures entire conversations, storing up to 10,000 characters for prompts and up to 30,000 characters for responses. It also tracks which model you use and whether you have a paid subscription. All collected data is sent to the developers’ servers. Meta AI wasn’t initially listed in the extension code, but tracking could be enabled later via remote configuration.

Why this is so problematic

AI chats often contain sensitive personal details, such as health-related questions, finances, job applications, passwords, and company-internal information. Most people using platforms like ChatGPT or Gemini assume that the contents of their conversation would remain private – an assumption exploited by these extensions. One particularly insidious detail is that the Firefox versions explicitly claim no data is being collected while doing the opposite.

What you should do

Check your browser extensions for “Smart Adblocker” and “Adblock for Browser” and remove them immediately if they are installed. In general, review which extensions have access to all websites and remove any you don’t recognize or need. When it comes to ad blockers, stick to well-known, open-source solutions. Finally, treat AI chats as semi-private services, meaning you shouldn’t enter any passwords, identification details, or sensitive company data you wouldn’t reveal to a stranger.

This case shows that seemingly benign browser extensions can still access deeply personal data. You can read MalExt Sentry’s report for more details, including a technical analysis containing all identifiers.