As OpenAI introduces ads for its free-tier users, a new wave of scams is already looking to cash in. DomainTools, a group that monitors internet infrastructure, has identified a malicious Chrome extension titled ChatGPT Advert Blocker, which was available on the official Google Chrome Web Store as recently as 10 February 2026. While users thought they were simply blocking ads from their screens, the extension was actually keeping tabs on their conversations with the ChatGPT AI chatbot.
The trick is simple but effective. When a user opens ChatGPT, the extension executes a process called cloning the DOM. In simple terms, it creates a copy of everything on the page and then filters out images and styles to focus purely on the text (your private prompts and the AI's answers).
According to DomainTools' investigation, the extension flagged any text longer than 150 characters and sent the entire conversation to a private channel on the messaging app Discord. The data was intercepted by a bot, curiously named Captain Hook, which stored the stolen conversations for the hackers to read later.
To keep the operation hidden, the tool checked a GitHub file every hour for new instructions, allowing the attackers to change their tactics remotely without the user ever suspecting a thing.
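The behaviours described above (access to ChatGPT pages, DOM cloning, a Discord webhook, a GitHub file polled for instructions) can be looked for in an unpacked extension before it is trusted. The triage script below is an added example, not DomainTools' tooling or code from the extension; the regular expressions, the GitHub hostnames and the sample files are assumptions constructed for illustration.

```python
import json
import re

# Indicators based on the behaviour the article describes. The patterns are
# assumptions about how that behaviour would appear in extension source.
CHAT_HOSTS = ("chatgpt.com", "chat.openai.com")
SOURCE_INDICATORS = {
    "discord_webhook": re.compile(r"https://(?:\w+\.)?discord(?:app)?\.com/api/webhooks/\d+/[\w-]+"),
    "github_remote_config": re.compile(r"https://(?:raw\.githubusercontent\.com|gist\.githubusercontent\.com|api\.github\.com)/\S+"),
    "dom_clone": re.compile(r"\.cloneNode\(\s*true\s*\)"),
}

# Constructed sample of an unpacked extension (not the real extension's files).
SAMPLE = {
    "manifest.json": json.dumps({
        "manifest_version": 3, "name": "constructed-sample",
        "content_scripts": [{"matches": ["https://chatgpt.com/*"], "js": ["content.js"]}],
    }),
    "content.js": 'const copy = document.body.cloneNode(true);\n'
                  'const cfg = "https://raw.githubusercontent.com/example/example/main/rules.json";\n'
                  'const hook = "https://discord.com/api/webhooks/000000000000000000/CONSTRUCTED-TOKEN";\n',
    "popup.js": 'document.title = "settings";\n',
}

def chat_scope(manifest):
    """Return the match patterns that let the extension read ChatGPT pages."""
    patterns = list(manifest.get("host_permissions", []))
    patterns += manifest.get("permissions", [])  # Manifest V2 listed hosts here
    for script in manifest.get("content_scripts", []):
        patterns += script.get("matches", [])
    return sorted({p for p in patterns if p == "<all_urls>"
                   or p.startswith("*://*/") or any(h in p for h in CHAT_HOSTS)})

def triage(files):
    """files maps relative path -> text for one unpacked extension."""
    findings = {"chat_scope": chat_scope(json.loads(files["manifest.json"]))}
    for name, pattern in SOURCE_INDICATORS.items():
        findings[name] = sorted(path for path, text in files.items()
                                if path.endswith(".js") and pattern.search(text))
    # Page access alone is what any ad blocker needs; page access combined
    # with an outbound webhook is the pairing worth escalating for review.
    findings["escalate"] = bool(findings["chat_scope"] and findings["discord_webhook"])
    return findings

if __name__ == "__main__":
    print(json.dumps(triage(SAMPLE), indent=2))
```

A string match like this only catches unobfuscated source, so a clean result does not clear an extension; it is a first-pass filter ahead of manual review.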
Links to major AI apps
The developer accused of running this malicious extension goes by the online handle krittinkalra, and isn't a random hacker; they're also linked to popular AI platforms Writecream and AI4ChatCo, which claim to have over 1.5 million users.
“This identified activity appears to be positioning to make the most of the dramatic shift in OpenAI's policy to serve up advertisements to its free tier users by distributing malicious Chrome extensions alleging to block ChatGPT ads. Specifically, the extension's main objective is data harvesting, stealing the full conversation structure, user prompts, and metadata, and exfiltrating it through a Discord webhook. Again, it begs the question, does the risk extend to other apps created by the same developer?” DomainTools' blog post reads.
While there is currently no evidence that these other apps are stealing data, the developer's sudden move from harmless phone software to data-stealing malware has raised serious alarms. For your information, the account had been inactive for five years before suddenly resurfacing with this malicious tool. It could be that their account was compromised to spread the malicious extension.
The cost of 'free'
Researchers have also linked the scam to several suspicious websites, including blockaiads.com, openadblock.com, and gptadblock.com. Further probing revealed that the stolen data includes not just the chats themselves, but also technical metadata and the state of the user's interface. While ads are annoying, having your private chats and business data broadcast to a stranger is a far higher price to pay.
DomainTools suggests that the safest way to avoid ads is through official settings, as any third-party “middleman” app is perfectly positioned to listen in on your most private conversations. For now, it is best to treat any tool linked to this developer with suspicion.









