Industry Newschrome extensionsgmail integrationlayerx securitydata exfiltration

Chrome Extensions Steal Users' API Keys

||By LDS Team
6.2
Relevance Score
Chrome Extensions Steal Users' API Keys
Photo: blogger.googleusercontent.com · rights & takedowns

LayerX Security reported this week that 32 malicious Chrome extensions installed by at least 260,000 users purport to be AI assistants but exfiltrate API keys, email messages, and other personal data. They all contact infrastructure under the tapnetic.pro domain, impersonate chatbots like ChatGPT and Gemini, and many remain available on the Chrome Web Store, creating broad data-exfiltration risk.

Key Points

  • 1Expose 32 Chrome extensions installed by 260,000+ users that exfiltrate API keys, email content, and page data
  • 2Exploit iframe-loaded remote code via tapnetic.pro to bypass Web Store updates and change UI/logic
  • 3Compromise Gmail threads, drafts, and spoken input, enabling credential theft and unnoticed data leakage

Scoring Rationale

Confirmed security finding with detailed technical evidence, but limited by reliance on a single security firm's report and pending vendor response.

Sources

Public references used for this report.

3 sources

Practice interview problems based on real data

1,625 SQL & Python problems across 15 industry datasets — the exact type of data you work with.

Try 250 free problems