Click to zoom
Understanding the Data Harvesting Crisis
You ever stumbled upon those memes poking fun at the notion that there’s really no such thing as a free VPN? Funny, right? But honestly, there’s a cautionary tale behind that laughter, and it’s crucial to pay attention.
Investigating Urban VPN Proxy
A revealing study by the security firm Koi out of Tel Aviv lays bare an expansive data harvesting operation. It’s tied to a seemingly innocuous Google Chrome extension called Urban VPN Proxy, which surprisingly has about six million users and even has a “featured” badge from Google. But let’s be real; that’s raising all sorts of red flags.
Inside the Hidden Mechanisms
As Koi researcher Idan Dardikman points out, this extension doesn’t just operate like your typical VPN; it’s packing some malicious “executor” scripts that intercept conversations from major AI platforms. Yeah, we’re talking about well-known services like OpenAI's ChatGPT, Anthropic's Claude, and Google’s Gemini – the big players. So, imagine that!
The Scope of Data Collected
The kind of data being collected is alarmingly personal. Users may unknowingly share everything from ChatGPT data privacy risks 2025 and financial details to proprietary code snippets and even those intimate personal DMs. According to Dardikman, all this sensitive info gets sold under the shady guise of ‘marketing analytics’ – cozy, right?
Constant Scraping, No Consent
What’s truly unsettling is that Urban VPN Proxy scrapes user data continuously, regardless if the VPN is actually turned on. When you download this extension, you’re basically defaulting to having your conversations intercepted. Yikes.
The Lack of Transparency
And here’s where it gets a bit dicey—Forbes stresses that “There’s no user-facing toggle to disable this.” That means if you want to opt out completely, your only route is to uninstall the extension, which is frankly alarming.
The Company Behind the Curtain
Urban Cyber Security Inc, the brains behind the Urban VPN Proxy, isn’t shy about their data-handling practices. In their privacy policy, they state pretty clearly that they share “Web Browsing Data with our affiliated company,” which happens to be a data broker called BiScience. That company then monetizes this raw data for insights and distributes it to business partners. So, there’s that.
The Contradiction in Their Claims
Urban VPN Proxy’s Chrome Web Store page boldly claims that “your data is not being sold to third parties, outside of the approved use cases,” but that’s in stark contradiction to what they outline in their privacy policy. It’s like, which is it?
Broader Implications
This might be shocking to the six million Urban VPN Proxy users, but let’s be real — many other applications could be playing the same game. Forbes has flagged over two million users across seven more applications from the same publisher, all exhibiting “identical AI harvesting functionality.” Those numbers are staggering.
What You Can Do
As Koi’s Dardikman wisely advises, “If you’ve got any of these extensions installed, uninstall them right now. Assume every AI conversation you’ve had since July 2025 is being captured and sold.”
And hey, if you’re using apps that don’t even seem related to this company, it’s an excellent time to dive into their privacy policies for similar data harvesting permissions. It feels like we’re living in an era where the lines around data privacy are constantly shifting.
In Conclusion
So, stay informed and keep your guard up regarding the online tools you use. Data privacy risks are escalating in our digital realm, and it’s vital to take proactive steps to safeguard your personal information.
Thanks for reading!
If you found this article helpful, share it with others