{ "Event": { "analysis": "1", "date": "2026-03-05", "extends_uuid": "", "info": "[Threat Intel] Malicious AI Assistant Extensions Harvest LLM Chat Histories", "protected": false, "publish_timestamp": "1773274416", "published": true, "threat_level_id": "2", "timestamp": "1773274416", "uuid": "adcbdbed-d382-4542-b027-e3ab4c0710ce", "Orgc": { "name": "Rectifyq", "uuid": "cd9bd516-61fa-476b-980f-2f8de03992d4" }, "Tag": [ { "colour": "#96f4f6", "local": false, "name": "misp-galaxy:producer=\"Microsoft\"", "relationship_type": "" }, { "colour": "#ffffff", "local": false, "name": "tlp:clear", "relationship_type": "" }, { "colour": "#004646", "local": false, "name": "type:OSINT", "relationship_type": "" }, { "colour": "#b94b1d", "local": false, "name": "rectifyq:mitre-att&ck=\"none-from-src\"", "relationship_type": "" }, { "colour": "#b94b1d", "local": false, "name": "rectifyq:mitre-att&ck=\"from-OTX\"", "relationship_type": "" }, { "colour": "#bb2745", "local": false, "name": "misp-galaxy:mitre-attack-pattern=\"Standard Encoding - T1132.001\"", "relationship_type": "" }, { "colour": "#d3f567", "local": false, "name": "misp-galaxy:mitre-attack-pattern=\"JavaScript - T1059.007\"", "relationship_type": "" }, { "colour": "#7773ac", "local": false, "name": "misp-galaxy:mitre-attack-pattern=\"External Remote Services - T1133\"", "relationship_type": "" }, { "colour": "#3eb869", "local": false, "name": "misp-galaxy:mitre-attack-pattern=\"Local Data Staging - T1074.001\"", "relationship_type": "" }, { "colour": "#029dd6", "local": false, "name": "misp-galaxy:mitre-attack-pattern=\"Software Extensions - T1176\"", "relationship_type": "" }, { "colour": "#68f2ff", "local": false, "name": "misp-galaxy:mitre-attack-pattern=\"Data from Local System - T1005\"", "relationship_type": "" }, { "colour": "#62e1b7", "local": false, "name": "misp-galaxy:mitre-attack-pattern=\"Browser Session Hijacking - T1185\"", "relationship_type": "" }, { "colour": "#08b028", "local": false, "name": "misp-galaxy:mitre-attack-pattern=\"Asymmetric Cryptography - T1573.002\"", "relationship_type": "" }, { "colour": "#92e858", "local": false, "name": "misp-galaxy:mitre-attack-pattern=\"Web Protocols - T1071.001\"", "relationship_type": "" }, { "colour": "#5884a7", "local": false, "name": "misp-galaxy:mitre-attack-pattern=\"Malicious Link - T1204.001\"", "relationship_type": "" }, { "colour": "#49a260", "local": false, "name": "rectifyq:category=\"threat\"", "relationship_type": "" }, { "colour": "#130049", "local": false, "name": "rectifyq:sub-category=\"campaign-analysis\"", "relationship_type": "" }, { "colour": "#18005c", "local": false, "name": "rectifyq:topic=\"ai\"", "relationship_type": "" }, { "colour": "#18005e", "local": false, "name": "rectifyq:topic=\"supply-chain\"", "relationship_type": "" }, { "colour": "#ffd12e", "local": false, "name": "rectifyq:target=\"broad-based\"", "relationship_type": "" }, { "colour": "#55acee", "local": false, "name": "rectifyq:MY-relevancy=\"potentially-relevant\"", "relationship_type": "" }, { "colour": "#626567", "local": false, "name": "rectifyq:no-samples-in=\"MalwareBazaar\"", "relationship_type": "" }, { "colour": "#626567", "local": false, "name": "rectifyq:no-samples-in=\"Tria.ge\"", "relationship_type": "" }, { "colour": "#3800d9", "local": false, "name": "rectifyq:action-taken=\"VT-comment\"", "relationship_type": "" }, { "colour": "#3d00e9", "local": false, "name": "rectifyq:action-taken=\"telegram\"", "relationship_type": "" } ], "Attribute": [ { "category": "External analysis", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1772852416", "to_ids": false, "type": "link", "uuid": "c5db5b88-1ff8-442c-b446-3d820a2b22ad", "value": "https://www.microsoft.com/en-us/security/blog/2026/03/05/malicious-ai-assistant-extensions-harvest-llm-chat-histories/" }, { "category": "Other", "comment": "Description", "deleted": false, "disable_correlation": false, "timestamp": "1772852416", "to_ids": false, "type": "text", "uuid": "a745263d-e8a2-49ab-a735-dada0fdce727", "value": "An investigation has uncovered malicious Chromium-based browser extensions masquerading as legitimate AI assistant tools to collect Large Language Model (LLM) chat histories and browsing data. These extensions have been installed approximately 900,000 times, affecting over 20,000 enterprise tenants. The malicious extensions collect full URLs and AI chat content from platforms like ChatGPT and DeepSeek, potentially exposing organizations to leaks of confidential information. The attack chain involves reconnaissance, weaponization, delivery through trusted app stores, exploitation of user trust, installation for persistence, and regular data exfiltration to attacker-controlled infrastructure. This activity transforms a seemingly benign productivity tool into a persistent data collection mechanism embedded in daily enterprise browser usage." }, { "category": "Other", "comment": "Summary", "deleted": false, "disable_correlation": false, "timestamp": "1772852416", "to_ids": false, "type": "text", "uuid": "91405a4d-286f-4a08-a343-1c7a3d1b810a", "value": "Name: Malicious AI Assistant Extensions Harvest LLM Chat Histories\nAuthor: AlienVault\nAdversary: \nTags: [\"chrome web store\", \"browser extension\", \"enterprise security\", \"data exfiltration\", \"ai assistant\", \"impersonation\"]\nTgtd countries: []\nMlwr families: []\nAttack_ids: [\"T1132.001\", \"T1059.007\", \"T1133\", \"T1074.001\", \"T1176\", \"T1005\", \"T1185\", \"T1573.002\", \"T1071.001\", \"T1204.001\"]\nIndustries: []" }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1773023433", "to_ids": true, "type": "domain", "uuid": "1c31d448-c8c4-4740-91cd-b29983bb5df3", "value": "chatgptsidebar.pro", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1773023454", "to_ids": true, "type": "domain", "uuid": "1aaa44a3-8161-48aa-986f-19606347de34", "value": "chatsaigpt.com", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1773023476", "to_ids": true, "type": "domain", "uuid": "1599c6f0-5119-4cd1-8627-56b5596dff72", "value": "deepaichats.com", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] }, { "category": "Network activity", "comment": "", "deleted": false, "disable_correlation": false, "timestamp": "1773023497", "to_ids": true, "type": "domain", "uuid": "c088b151-1d7e-4fe9-b814-c5eac98064cd", "value": "chataigpt.pro", "Tag": [ { "colour": "#342294", "local": false, "name": "CommentAdded", "relationship_type": "" } ] } ] } }