ACCORDING to SecuritySnack, researchers found a malicious Chrome extension named “ChatGPT Ad Blocker” on the Google Chrome Web Store that is linked to the GitHub ID krittinkalra and masquerades as an ad blocker while primarily harvesting ChatGPT conversations. The extension ID is ipmmidjikiklckbngllogmggoofbhjikgb, and it was created on 10 February 2026 by krittinkalra (GitHub ID: 6893033).
Its operation includes fetching remote configuration via a webhook on a private Discord channel, with a 60‑minute periodic update cycle that uses cache‑busting to avoid caching. The extension’s scripts are designed to exfiltrate data by capturing the page HTML and sending it to a Discord webhook, with the content then posted as a page_dump.html attachment in a Discord message.
The security advisory notes that the activity appears to exploit OpenAI’s policy shift to serve ads on the free tier, and highlights related domains such as blockaiads[.]com, openadblock[.]com and gptadblock[.]com as IOCs.