Artificial Intelligence & Machine Learning,
Data Privacy,
Data Security
Browser Tools Harvest AI Chatbot Data for Sale: Koi Security
Recent investigations reveal that a Chrome browser extension, touted as a free clientless VPN, has been clandestinely capturing user conversations on various AI chatbot platforms and selling this data to third-party brokers. This alarming finding was detailed by Koi Security, indicating that Urban VPN Proxy has gathered chat data from eight prominent AI services, impacting around 8 million users since July 2025.
Urban VPN, which boasts a 4.7-star rating on the Chrome Web Store, operated under a deceptive premise. The app recorded prompts from users and responses from AI platforms like ChatGPT, Claude, and Microsoft Copilot, among others, without any notification to users that their data was being harvested. This data collection persists regardless of whether the VPN feature is activated or disabled, rendering uninstalling the extension the only means to cease data collection— a fact confirmed by Koi Security’s co-founder, Idan Dardikman.
In addition to Urban VPN Proxy, several other browser extensions—including Urban Browser Guard and Urban Ad Blocker—have similar covert surveillance operations. Most of these tools carry a “Featured” badge, reflecting a level of approval from Google for user experience and design. However, these badges do not necessarily guarantee user data protection.
The pervasive risks associated with free VPN services have been highlighted by Google, which has cautioned users about potential data theft involving sensitive information. The data ethics of such services have come under fire in the past, notably in the case of Facebook’s Onavo VPN, which faced severe backlash for its data collection practices.
Notably, Urban VPN introduced the data harvesting feature in version 5.5.0, released on July 9, 2025. Users who downloaded the VPN for its intended services unwittingly received this new code allowing for surveillance. It’s advised that users operating Urban VPN during this timeframe assume that their conversations have been compromised and potentially retransmitted to data brokers.
The extension employs scripts that monitor browser activity on selected AI platforms. These scripts replace the fundamental APIs responsible for network requests, allowing the extension to intercept all network traffic on pages when users engage with chatbots. Captured data encompasses prompts, responses, timestamps, and other session information, which is eventually relayed to Urban VPN servers for commercial use.
Urban VPN Proxy operates under Urban Cyber Security Inc. and is affiliated with the data broker company BiScience. Prior research has revealed BiScience’s history of collecting extensive browsing data, connecting this data to persistent user identifiers, and selling aggregated insights. Koi Security’s findings indicate a troubling evolution of such practices, extending beyond browsing activity to encompass complete AI conversations.
The Urban VPN privacy policy mentions data sharing with BiScience, corroborating claims that user interactions are not just collected but also utilized for commercial gain. Despite claims of strong privacy measures, the user experience reflects a stark contrast, as users engage with AI chat systems unknowingly transferring sensitive information to third-party entities. As technology continues to evolve, maintaining user privacy and data security remains a critical concern in the rapidly changing digital landscape.
