A malicious extension within the Chrome Net Retailer impersonates the Perplexity AI reply engine, intercepting search site visitors and accumulating looking info.
The extension, known as “Seek for perplexity ai,” routes search queries and real-time solutions by means of its infrastructure earlier than redirecting customers to a reliable search service.
Microsoft Risk Intelligence researchers stated that whereas the extension doesn’t steal credentials or different delicate info, its permissions might simply permit it if operators determine to broaden the scope of information theft.
Pretend Perplexity AI extension
Perplexity AI is a analysis assistant that searches the online and synthesizes info in direct, conversational responses, somewhat than presenting customers with an inventory of hyperlinks they’ll go to to search out solutions.
Perplexity AI is on the market as an internet, cell (Android and iOS), and desktop app, and its official Chrome extension is called “Perplexity – AI Search.”
The faux extension found by Microsoft makes use of an identical model title and area “perplexity-ai(.)on-line” as an alternative of the real perplexity.ai.

Supply: Microsoft
As soon as put in, it modifies the browser’s search settings, changing the default search supplier and inflicting all deal with bar queries to move by means of the attacker’s infrastructure.
“The extension not solely overrides the browser’s search settings by means of chrome_settings_overrides and replaces the browser’s default search supplier, but in addition intercepts all queries within the Chromium browser’s omnibox and redirects them to intermediate infrastructure that isn’t related to the official vendor area,” Microsoft explains.
Based mostly on the logging code that Microsoft found on the extension’s servers, this stage of information assortment is not any accident and signifies intentional design.
The extension additionally requests Chrome permissions that permit redirection, URL rewriting, and monitoring when guidelines run.
“This extension requests robust DNR permissions that permit site visitors redirection, URL rewriting, and selective request filtering, which is inconsistent with anticipated AI assistant conduct,” the researchers stated.
Though Microsoft discovered no proof that the extension focused credentials, the information assortment routines noticed enabled widespread profiling and created the potential for exploitation.
Anybody who has put in an extension with ID “flkebkiofojicogddingbdmcmkpbplcd” ought to train excessive warning in eradicating the extension from their browser and rotating passwords for necessary accounts.
Safety groups doc 54% of profitable assaults and challenge a warning on solely 14%. The remainder strikes invisibly by means of the atmosphere.
Picus’ whitepaper reveals find out how to check your SIEM and EDR guidelines in breach and assault simulations to make sure threats go undetected.
Get the white paper
