Analysis

Koi Security reports that four Chrome/Edge extensions — Urban VPN Proxy, 1ClickVPN Proxy, Urban Browser Guard and Urban Ad Blocker — with more than 8 million installs inject “executor” scripts that override fetch() and XMLHttpRequest to intercept chatbot traffic on at least eight AI platforms (ChatGPT, Claude, Gemini, Microsoft Copilot, Perplexity, DeepSeek, Grok and Meta AI) and exfiltrate conversation text to analytics.urban-vpn.com and stats.urban-vpn.com. Collection was enabled by default via a hardcoded flag with no in-extension opt-out, and a consent prompt was added only in July 2025; users who installed earlier versions would not have seen the prompt. The extensions are affiliated with BiScience and Koi highlights the privacy policy permits sale of data for marketing, creating clear operational and compliance exposure for organizations that use browser-based AI tools — sensitive prompts, credentials or strategy discussions could have been captured. Chrome Web Store’s Featured Badge for Urban VPN and the identified “limited use” policy loophole imply platform review and policy interpretations may not have detected or prevented transfers to third-party data brokers. Market implications center on heightened regulatory and reputational risk for platform and browser-ecosystem stakeholders (Google/Chrome Web Store, Microsoft, Meta) and for any institutional users whose proprietary AI interactions were exposed; immediate remediation controls and anticipated regulatory scrutiny or enforcement are likely near-term outcomes. Koi’s explicit recommendation to uninstall these extensions and to assume AI conversations since July 2025 were captured frames immediate operational priorities for investors and corporate clients.