• Latest
  • All
  • How To
AI-powered chrome extension

Two-Thirds of Popular AI Chrome Extensions Pose Serious Threats to User Privacy and Security

August 8, 2023
KOKO Networks Puts Its Ethanol Empire Up For Sale

KOKO Networks Puts Its Ethanol Empire Up For Sale

July 8, 2026
Betting

New Betting Rules Let Families Request Gambling Bans for Loved Ones

July 8, 2026
Vodafone’s 55% Stake Gives It Control Over Safaricom Boardroom

Vodafone’s 55% Stake Gives It Control Over Safaricom Boardroom

July 8, 2026
Starlink

Starlink Suspends New Signups Across 7 Kenyan Counties as Capacity Fills Up

July 8, 2026
DHgate Tablet Cases deals
Muse Image

Meta Launches Muse Image, Its First In-House AI Image Generator

July 8, 2026
IEBC

IEBC Temporarily Suspends Online Voter Services During ICT System Upgrade

July 8, 2026
AI

Kenya’s AI Policy, As the Government Sees It

July 7, 2026
Why Netflix’s Biggest Shows Keep Losing Millions of Viewers After Season One

Why Netflix’s Biggest Shows Keep Losing Millions of Viewers After Season One

July 7, 2026
Folarin Balogun

FIFA Reverses Balogun Red Card Suspension After Trump Intervenes

July 7, 2026
Microsoft

Microsoft Cuts 4,800 Jobs With Xbox Losing 20% of Its Staff

July 7, 2026
Midjourney

Disney, Universal, and Warner Bros. Sue Midjourney Over AI Copyright Claims

July 7, 2026
Software

Finance Act 2026 Increases Software and Cloud Service Costs by 25%

July 6, 2026
Techweez | Tech News, Reviews, Deals, Tips and How To
  • News
  • Entertainment
  • Reviews
  • Features
  • Editorial
No Result
View All Result
Techweez | Tech News, Reviews, Deals, Tips and How To
  • News
  • Entertainment
  • Reviews
  • Features
  • Editorial
No Result
View All Result
Techweez | Tech News, Reviews, Deals, Tips and How To
No Result
View All Result

Two-Thirds of Popular AI Chrome Extensions Pose Serious Threats to User Privacy and Security

ElvyLewis Ndungu by ElvyLewis Ndungu
August 8, 2023
in News
Reading Time: 5 mins read
252
0
AI-powered chrome extension

A report by Incogni has revealed that two-thirds of popular AI Chrome extensions could wreak havoc on user security if turned malicious. The report draws to the importance of understanding the trade-offs between convenience vs user privacy and security when using these extensions.

“AI Chrome extensions offer undeniable convenience, but safeguarding your privacy and security should be a top priority. Understanding the data you share with extensions and their reliability in keeping it safe is crucial. By being cautious in choosing AI Chrome extensions and staying informed about their potential risks, users can embrace the benefits of AI while safeguarding their personal information,” advises Darius Belejevas, Head of Incogni.

The study analyzed 70 popular AI-powered extension extensions across 7 categories examining their risk metrics, permission requirements, and data collection practices. According to Incogni, the potential dangers associated with some AI extensions may be greater than you think.

Key Insights

  • 69% of investigated extensions have a high-risk impact (if turned malicious, they could be highly damaging to users’ cybersecurity).
  • 10 out of 10 AI-powered writing extensions have a high-risk impact (could do a lot of harm).
  • 10 out of 70 analyzed extensions have a high-risk impact and a high-risk likelihood (are more likely to turn malicious).
  • Over 59% of the investigated extensions collect user data, with 44% of them collecting personally identifiable information (PII).

Risk Impact and risk likelihood of the studied extensions

Risk impact is a measure based on the number of permissions requested by the extension. Extensions with a low-risk impact score can’t do much harm, even if they get into the wrong hands. Extensions with a high-risk impact, on the other hand, could be highly damaging if they get into the wrong hands because of the data they have access to. 

Risk likelihood is related to the perceived probability of a Chrome extension turning malicious. According to Incogni, it is derived by considering the publisher’s and extension’s reputation on the Chrome Web Store, how long the extension has been available on the store, and other data points concerning the extension.

.

The majority of AI Chrome extensions analyzed have a high-risk impact (48 out of 70 have a high or very high-risk impact). However, 29 of those are low-risk likelihood.

All 10 AI-writing extensions analyzed were found to have a high-risk impact. In fact, this group alone accounted for over 20% of all high-risk impact extensions.

Source: Incogni

In addition, the research found 10 extensions that had both a high-risk impact and high-risk likelihood across various categories with the most common being personal assistants and audio-visual generators.

Permissions requested

The permissions requested by these extensions dictate how much access and control over your browser, system and data they have. The potential damage if certain permissions (for example the webRequest permission allows an extension to “observe and analyze traffic to intercept, block or modify requests in flight”) given to the extension get into the wrong hands could be too critical.

Each of the studied extensions requested 3.7 permissions on average with AI-powered personal assistants requesting up to 5. AI-powered coding assistants required fewer permissions on average (2.3). Some of the frequently requested permissions include tabs, storage and contextMenus.

Some permissions with a broad range of implications include:

  • activeTab, required by 22/70 extensions which allow the extension access and control to the currently opened site. This permission can allow an extension to scan and manipulate the contents of the site.
  • Scripting, which was required by 17/20 of the studied extensions(including Grammarly, Quilibot and ChatGPT). This allows the extension to inject JavaScript and CSS code into a user’s webpage. This can change the content and layout of the page.
  • webRequest, required by 6/70 extensions. This extension can monitor and modify data sent between users and the websites they visit.

User Data collected

The AI-powered extensions studied collected an average of 1.4 data points each, including those that claimed they did not collect any data points at all.

Each of the seven categories contained at least one extension that collected Personally Identifiable Information (PII), user activity and website content. On the other hand, none of the extensions collected “health information”.

The researchers add, “Namely, it was observed that 31 out of 70 (44%) extensions collect personally identifiable information, which can include things like the user’s name, address, and identification number. 15 out of 70 (21%) extensions collect user activity, which can contain network monitoring and mouse position or keystroke logging. Lastly, 8 out of 70 (11%) extensions collect users’ locations.”

Overview of the 5 most popular AI Chrome extensions

Source: Incogni

Below are the top 5 AI-powered Chrome extensions:

  • Grammarly is the most popular Chrome extension with 10 million users. The extension requests 5 permissions including Scripting with users giving up 5 data points including PII, user location and activity. Grammarly was found to have a high risk-impact with a very low-risk likelihood.
  • QuilliBot is the second most popular Chrome extension with 2 million users. Users grant QuilliBot 7 permissions including activeTab and scripting while also giving up 4 data points including website content, PII, location and user activity. The extension was found to have a high-risk impact with a very low-risk likelihood.
  • WebGPT: ChatGPT with internet access. The extension does not collect any data points and only asks for storage permission. WebGPT: ChatGPT with internet was found to have a high-risk impact and a very high-risk likelihood.
  • Monica is the fourth most popular Chrome extension. The user gives up 4 data points including PII, personal communications, and financial and payment information. The extension also requests 3 permissions including scripting. Monica was found to have a high-risk impact with a low-risk likelihood.
  • ChatGPT for Search – Support GP4. The extension does not collect any data points but asks for 4 permissions, including scripting. It has moderate risk impact and likelihood.

Despite the boost in performance and enhanced browsing experience AI-powered offered by AI-powered extensions, it is important to consider their associated risk metrics, user permissions required as well data collected.

Tags: Google
SendShare148Tweet92
ElvyLewis Ndungu

ElvyLewis Ndungu

Just a guy who loves to code and has a passion for storytelling | Bringing you the latest on all things tech. You can reach me via [email protected] or on Twitter.

Related Posts

African Game Studios Can Now Apply for Google’s New $1 Million Fund

African Game Studios Can Now Apply for Google’s New $1 Million Fund

July 3, 2026
Outside Enterprise Allegedly Used Gemini to Build Massive Phishing Operation

Google Sues Scammers Using Gemini to Build Fake Government and Brand Sites

June 13, 2026
How a Remote IMEI Kill Switch Is Shaking Up the Stolen iPhone Market Worldwide

Following London Success, Apple Deploys Global Killswitch Feature to Eliminate Stolen iPhones Market

June 16, 2026
Gemini AI Debuts at World Cup with Argentina Partnership

Argentina to Deploy Gemini for Tactical Analysis as AI Makes World Cup Debut

June 16, 2026
Google I/O 2026

Google Rebuilds Search Around AI as Gemini Usage Crosses 3.2 Quadrillion Tokens

May 21, 2026
After 22 Years of Social Media Builds Up, Arsenal Finally Give Fans a Champion Moment to Share

First Gmail, First TikTok, First Status: Arsenal Claim Their First Ever Social‑Media Era EPL Title

May 20, 2026

Latest

KOKO Networks Puts Its Ethanol Empire Up For Sale

KOKO Networks Puts Its Ethanol Empire Up For Sale

July 8, 2026
Betting

New Betting Rules Let Families Request Gambling Bans for Loved Ones

July 8, 2026
Vodafone’s 55% Stake Gives It Control Over Safaricom Boardroom

Vodafone’s 55% Stake Gives It Control Over Safaricom Boardroom

July 8, 2026
Starlink

Starlink Suspends New Signups Across 7 Kenyan Counties as Capacity Fills Up

July 8, 2026
Muse Image

Meta Launches Muse Image, Its First In-House AI Image Generator

July 8, 2026
IEBC

IEBC Temporarily Suspends Online Voter Services During ICT System Upgrade

July 8, 2026

Best devices

Best Infinix Phones of 2025

Best Infinix Phones of 2025: Budget Prices With Premium Features

December 31, 2025

The Best Infinix Accessories Worth Buying in 2025

November 26, 2025

Best Budget Wireless Earbuds To Buy in Kenya (2025)

October 8, 2025

Samsung Galaxy A36 5G vs Samsung Galaxy A56 5G: Comparison Review

August 29, 2025

Infinix Hot 60 Pro+ vs Infinix Hot 60i: Comparison Review

August 22, 2025

Best Budget Smartwatches To Buy in Kenya 2025

February 13, 2025

Techweez is where tomorrow’s tech stories break today, thanks to intelligent analysis, real-world insight, and visionary storytelling.

Follow Us

Editorials

Inside Bumble, the Dating App Where Women Call the Shots

Locket: Photo Sharing App With No Feed, No Likes, and No Algorithms

Couple Joy: A Long-Distance Dating App That Builds Intimacy in Small Daily Acts

Airbuds: The App That Turns Your Music Into a Social Feed

Kenya Might Need to Crack Down on Wealth Porn Like China

Techweez and Gearhaus Score BAKE Awards 2026 Nominations

More News

Kenya’s AI Policy, As the Government Sees It

Why Netflix’s Biggest Shows Keep Losing Millions of Viewers After Season One

FIFA Reverses Balogun Red Card Suspension After Trump Intervenes

Microsoft Cuts 4,800 Jobs With Xbox Losing 20% of Its Staff

Disney, Universal, and Warner Bros. Sue Midjourney Over AI Copyright Claims

Finance Act 2026 Increases Software and Cloud Service Costs by 25%

  • Terms Of Use
  • Techweez Brand
  • Privacy & Policy
  • Contact Us

© 2024 Techweez - Palahala Media Group may earn a commission when you buy through links on our sites.
A Palahala Media Group Brand. All rights reserved.
.

Welcome Back!

Login to your account below

Forgotten Password?

Retrieve your password

Please enter your username or email address to reset your password.

Log In

Add New Playlist

Techweez | Tech News, Reviews, Deals, Tips and How To
Crunchy Cookies 🍪 Ahead!

Hey there! Just a heads-up: we're big fans of cookies - both the digital and edible kind! 🍪 We use our cookies and some from third parties to ensure your browsing experience on our site is smooth sailing and secure.

 

But wait, there's more! We also use cookies to gather stats and insights on how you navigate our site. It's like getting a behind-the-scenes peek at your digital adventures!

 

Don't worry, you're in control. You can adjust your cookie settings anytime to suit your preferences. Feeling curious? Dive into our Privacy Policy for all the juicy details. Happy browsing! 🚀

Functional Always active
Listen, this legal stuff is about as exciting as watching paint dry. But it basically says we only use your stuff for what you asked us to do, and nobody else gets to peek!
Preferences
The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
Statistics
It's those sneaky cookie crumbs websites leave behind to count visitors, like counting ants at a picnic! Totally harmless, just for fun facts. The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
Marketing
Hey there! Just letting you know we use some fancy gizmos to remember your preferences. This way, we can show you ads that are, well, not completely bananas.
Manage options Manage services Manage {vendor_count} vendors Read more about these purposes
Make cookies
{title} {title} {title}
Techweez | Tech News, Reviews, Deals, Tips and How To
Crunchy Cookies 🍪 Ahead!
To provide the best experiences, we use technologies like cookies to store and/or access device information. Consenting to these technologies will allow us to process data such as browsing behavior or unique IDs on this site. Not consenting or withdrawing consent, may adversely affect certain features and functions.
Functional Always active
Listen, this legal stuff is about as exciting as watching paint dry. But it basically says we only use your stuff for what you asked us to do, and nobody else gets to peek!
Preferences
The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
Statistics
It's those sneaky cookie crumbs websites leave behind to count visitors, like counting ants at a picnic! Totally harmless, just for fun facts. The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
Marketing
Hey there! Just letting you know we use some fancy gizmos to remember your preferences. This way, we can show you ads that are, well, not completely bananas.
Manage options Manage services Manage {vendor_count} vendors Read more about these purposes
Make cookies
{title} {title} {title}
No Result
View All Result
  • News
  • Reviews
  • Features
  • Editorial
  • Automotive
  • Entertainment

© 2024 Techweez - Palahala Media Group may earn a commission when you buy through links on our sites.
A Palahala Media Group Brand. All rights reserved.
.