A digital magnifying glass hovering over a web browser's search bar, with data packets flowing away, symbolizing a malicious Chrome extension intercepting user input.

Perplexity Impersonator: Malicious Chrome Extension Caught Stealing Search Data


The Stealthy Threat of ‘Search for Perplexity AI’

In a significant cybersecurity discovery, Microsoft has unearthed a malicious Chrome extension that cunningly masqueraded as the legitimate AI search engine, Perplexity. This deceptive tool, identified as “Search for perplexity ai,” quietly intercepted and logged every search query and even individual characters typed into the browser’s address bar. Before users were redirected to their intended search results, all this sensitive data was routed through an attacker-controlled server. Following Microsoft’s responsible disclosure, Google promptly removed the extension from its Chrome Web Store, but the incident serves as a stark reminder of the evolving threats in our digital landscape.

How the Deception Unfolded: A Deep Dive into Data Interception

The Impersonation and Its Mechanism

The malicious extension, bearing the ID flkebkiofojicogddingbdmcmkpbplcd, leveraged a convincing look-alike domain, perplexity-ai[.]online, to mimic the authentic perplexity.ai service. Microsoft’s Defender research team confirmed that the primary objective was the systematic interception and collection of user search data. While no evidence of password theft was found, the extension demanded and utilized far more access than any legitimate search utility should ever require.

Upon installation, the extension would surreptitiously set itself as the browser’s default search engine. When a user initiated a search, the query was first directed to the attacker’s server at perplexity-ai[.]online. Here, critical user data—including browser headers, IP address, and user agent—was logged. Subsequently, a redirection rule would bounce the user to a genuine search engine (Perplexity, Google, or Bing), ensuring the results appeared normal and the theft remained undetected by the average user. The crucial data exfiltration occurred during this initial, fleeting stop at the attacker’s domain.

Beyond Searches: Address Bar Input Compromised

The threat extended beyond explicit search queries. The extension also pointed the browser’s live search suggestions (the search provider’s suggest_url setting) at the same malicious domain. This meant that every character a user typed into the address bar, even before pressing Enter, was transmitted to the attacker’s server. This granular level of data collection represents a profound invasion of privacy, capturing not just completed thoughts but also partial inputs and potential misspellings.

Deliberate Malice: Unpacking the Technical Evidence

While Chrome permits legitimate extensions to override search providers, the act of rewriting and redirecting user traffic for data collection is unequivocally malicious. This particular extension explicitly requested the declarativeNetRequest family of permissions, precisely to enable such traffic manipulation. Furthermore, it shipped server-side code designed to log every request, which Microsoft cites as irrefutable proof that the data collection was a deliberate act, not an accidental byproduct of a redirect.

Adding to the evidence of premeditated intent, the extension contained disabled redirect rules for Google and Bing, indicating a potential future capability to extend its reach to these major search engines. It even included provisions to run WebAssembly code, a sophisticated feature entirely unnecessary for a simple search tool, further suggesting a more complex and potentially evolving malicious agenda.
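The indicators described in the last three sections can all be read from an extension’s manifest before it is ever installed. The script below is an added example, not Microsoft’s or Google’s tooling, that audits a manifest for exactly those signs: a search_provider override whose search_url or suggest_url points at a brand look-alike host, the extension making itself the default, declarativeNetRequest permissions sitting next to that override, disabled rulesets shipped in reserve, and a content security policy that permits WebAssembly. The manifest it runs on is constructed to mirror the article’s description; the extension name and the perplexity-ai.online domain come from the article, everything else in it is illustrative, and the KNOWN_BRANDS table is an assumption to be extended for your own environment.

```python
"""Static audit of a Chrome extension manifest for search-hijacking indicators.

Added example (not Microsoft's or Google's tooling). SAMPLE_MANIFEST is
CONSTRUCTED to mirror the behaviours the article describes; it is not the real
extension's manifest."""
import json
from urllib.parse import urlparse

# Brand token -> hosts that genuinely serve that brand.
# Assumption: extend this for the brands your users actually search with.
KNOWN_BRANDS = {
    "perplexity": {"perplexity.ai", "www.perplexity.ai"},
    "google": {"google.com", "www.google.com"},
    "bing": {"bing.com", "www.bing.com"},
}

# CONSTRUCTED manifest: name and look-alike domain are from the article,
# the remaining fields illustrate the behaviours the article describes.
SAMPLE_MANIFEST = json.loads("""
{
  "manifest_version": 3,
  "name": "Search for perplexity ai",
  "permissions": ["declarativeNetRequest", "declarativeNetRequestWithHostAccess"],
  "chrome_settings_overrides": {
    "search_provider": {
      "name": "Perplexity",
      "search_url": "https://perplexity-ai.online/search?q={searchTerms}",
      "suggest_url": "https://perplexity-ai.online/suggest?q={searchTerms}",
      "is_default": true
    }
  },
  "declarative_net_request": {
    "rule_resources": [
      {"id": "perplexity", "enabled": true,  "path": "rules/perplexity.json"},
      {"id": "google",     "enabled": false, "path": "rules/google.json"},
      {"id": "bing",       "enabled": false, "path": "rules/bing.json"}
    ]
  },
  "content_security_policy": {
    "extension_pages": "script-src 'self' 'wasm-unsafe-eval'; object-src 'self'"
  }
}
""")


def lookalike_brand(host):
    """Return the brand a host imitates, or None if it is genuine or unrelated."""
    host = host.lower()
    for brand, real_hosts in KNOWN_BRANDS.items():
        if brand in host and host not in real_hosts:
            return brand
    return None


def audit_manifest(manifest):
    """Return (severity, finding) tuples; an empty list means nothing was flagged."""
    findings = []
    provider = manifest.get("chrome_settings_overrides", {}).get("search_provider", {})

    # Search and suggest endpoints that claim a brand but resolve elsewhere.
    for key in ("search_url", "suggest_url"):
        host = urlparse(provider.get(key, "")).hostname or ""
        brand = lookalike_brand(host)
        if brand:
            findings.append(("high", f"{key} sends input to {host}, a look-alike of {brand}"))
    if provider.get("is_default"):
        findings.append(("medium", "extension sets itself as the default search engine"))

    # Traffic-rewriting permissions alongside a search override.
    perms = set(manifest.get("permissions", [])) | set(manifest.get("optional_permissions", []))
    dnr_perms = sorted(p for p in perms if p.startswith("declarativeNetRequest"))
    if dnr_perms and provider:
        findings.append(("high", f"search override combined with traffic-rewriting permissions {dnr_perms}"))

    # Rulesets shipped but switched off are capability held in reserve.
    for ruleset in manifest.get("declarative_net_request", {}).get("rule_resources", []):
        if not ruleset.get("enabled", True):
            findings.append(("low", f"disabled declarativeNetRequest ruleset {ruleset.get('id')!r} shipped in package"))

    # MV3 expresses the CSP as a dict keyed by context; MV2 used a plain string.
    csp = manifest.get("content_security_policy", "")
    if isinstance(csp, dict):
        csp = " ".join(csp.values())
    if "wasm-unsafe-eval" in csp:
        findings.append(("medium", "CSP permits WebAssembly ('wasm-unsafe-eval'), unneeded for a search tool"))
    return findings


if __name__ == "__main__":
    for severity, text in audit_manifest(SAMPLE_MANIFEST):
        print(f"[{severity}] {text}")
```

Run against the constructed manifest, the audit returns seven findings, three of them high. A manifest with no search override and no such permissions returns an empty list, so the function can be dropped into an allowlisting review without special-casing benign extensions.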

A Growing Trend: AI Branding as a Cyber Trap

This incident is not isolated but rather fits into a disturbing pattern of malicious extensions exploiting the allure of AI branding. Cybercriminals are increasingly leveraging the hype around artificial intelligence to trick users into installing harmful software. Previous examples include extensions that swap default search engines to capture input, hijack search providers, or even skim sensitive conversations from AI platforms like ChatGPT and DeepSeek. Microsoft’s own research previously linked a wave of chat-skimming extensions to approximately 900,000 installs across over 20,000 corporate networks.

The key distinction in the Perplexity impersonator case is its target: it focused on general web searches and real-time address bar input, rather than just AI chat interactions, demonstrating a broader scope of data interception facilitated by Chrome’s own extension architecture.

Protecting Your Digital Footprint: Recommendations for Users and Organizations

For individuals who may have installed “Search for perplexity ai,” immediate action is crucial: remove the extension and meticulously verify that your browser’s default search engine settings have not been altered.

For organizations and teams, Microsoft offers fundamental cybersecurity advice:

  • Allow only approved extensions through browser or company policy.
  • Monitor diligently for any unauthorized changes to search settings, unusual extension permissions, and suspicious traffic directed to unfamiliar domains.
  • Exercise extreme caution with AI-branded tools, always scrutinizing the publisher and the underlying domain before installation.
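The second recommendation, monitoring for suspicious traffic to unfamiliar domains, can be turned into a concrete check over proxy logs. The script below is an added example, not Microsoft’s detection logic, that looks for the traffic shape the article describes: requests to a brand look-alike host, keystroke-level suggest queries to it, and a redirect from it back to the genuine search engine. The log format and every log line are constructed for the example (the look-alike domain is the one named in the article); the KNOWN_BRANDS table is an assumption to be extended for your own environment.

```python
"""Detect look-alike search-provider traffic in forward-proxy log lines.

Added example, not Microsoft's detection logic. The log format and the lines
in LOG_LINES are CONSTRUCTED; the look-alike domain is the one the article names."""
import re
from collections import Counter
from urllib.parse import urlparse

# Brand token -> hosts that genuinely serve that brand (assumption: extend locally).
KNOWN_BRANDS = {
    "perplexity": {"perplexity.ai", "www.perplexity.ai"},
    "google": {"google.com", "www.google.com"},
    "bing": {"bing.com", "www.bing.com"},
}

# CONSTRUCTED proxy log: timestamp, client, method, host, path, status, optional Location.
LOG_LINES = [
    "2024-05-01T09:12:01Z 10.0.0.15 GET perplexity-ai.online /search?q=quarterly+forecast 302 Location=https://www.perplexity.ai/search?q=quarterly+forecast",
    "2024-05-01T09:12:02Z 10.0.0.15 GET www.perplexity.ai /search?q=quarterly+forecast 200",
    "2024-05-01T09:12:05Z 10.0.0.15 GET perplexity-ai.online /suggest?q=quart 200",
    "2024-05-01T09:12:05Z 10.0.0.15 GET perplexity-ai.online /suggest?q=quarte 200",
    "2024-05-01T09:13:40Z 10.0.0.22 GET www.google.com /search?q=lunch+menu 200",
    "2024-05-01T09:14:10Z 10.0.0.22 GET perplexity-ai.online /favicon.ico 200",
]

LINE_RE = re.compile(
    r"^(?P<ts>\S+) (?P<client>\S+) (?P<method>[A-Z]+) (?P<host>\S+) "
    r"(?P<path>\S+) (?P<status>\d{3})(?: Location=(?P<location>\S+))?$"
)


def parse_line(line):
    """Parse one constructed log line into a dict, or None if it does not fit."""
    match = LINE_RE.match(line)
    return match.groupdict() if match else None


def lookalike_brand(host):
    """Return the brand a host imitates, or None if it is genuine or unrelated."""
    host = host.lower()
    for brand, real_hosts in KNOWN_BRANDS.items():
        if brand in host and host not in real_hosts:
            return brand
    return None


def detect(lines):
    """Return one alert dict per request that touched a brand look-alike host."""
    alerts = []
    for line in lines:
        rec = parse_line(line)
        if rec is None:
            continue
        brand = lookalike_brand(rec["host"])
        if brand is None:
            continue
        # Redirect straight back to the genuine engine: the "fleeting stop" pattern.
        if rec["location"] and (urlparse(rec["location"]).hostname or "") in KNOWN_BRANDS[brand]:
            kind = "redirect-to-genuine"
        # Suggest endpoints carry partial input, i.e. keystroke-level data.
        elif "suggest" in rec["path"]:
            kind = "keystroke-suggest"
        else:
            kind = "lookalike-host"
        alerts.append({
            "client": rec["client"], "host": rec["host"], "brand": brand,
            "kind": kind, "path": rec["path"], "ts": rec["ts"],
        })
    return alerts


def summarize(alerts):
    """Count alerts per (client, kind) so bursts of suggest traffic stand out."""
    return Counter((a["client"], a["kind"]) for a in alerts)


if __name__ == "__main__":
    found = detect(LOG_LINES)
    for alert in found:
        print(f"{alert['ts']} {alert['client']} {alert['kind']:<20} {alert['host']}{alert['path']}")
    for (client, kind), count in summarize(found).items():
        print(f"{client}: {count} x {kind}")
```

On the constructed lines the detector raises four alerts: one redirect from the look-alike host to the genuine Perplexity domain, two keystroke-level suggest requests from the same client, and one unrelated fetch from the look-alike host. The per-client summary is what an analyst would pivot on, since a single redirect can be explained away but a stream of suggest requests to an unfamiliar domain cannot.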

The Unseen Threat Actor and the Scale of Compromise

As of now, the operators behind this malicious extension remain unnamed, and Microsoft has not disclosed the total number of users who installed it before its removal. What is clear, however, is the potent combination of AI branding, which successfully lured installs, and the sophisticated search override mechanism that enabled extensive data collection.
