A malicious Chrome extension, dubbed “Perplexity,” has been discovered intercepting search queries and address bar inputs from millions of users worldwide. The extension, which was available for download on the official Chrome Web Store, posed as a productivity tool that offered personalized recommendations and insights to users.
But beneath its innocuous façade, Perplexity was secretly collecting sensitive user data and redirecting it to unknown servers. This clandestine operation allowed attackers to eavesdrop on users’ online activities, compromising their private browsing sessions and potentially exposing them to phishing attacks or identity theft.
At its core, the malicious extension leveraged a technique known as “content injection,” which enables developers to inject custom content into web pages without modifying their underlying code. In this case, Perplexity exploited this feature to insert its own JavaScript code into user’s browser sessions, thereby intercepting and manipulating search queries and address bar inputs.
The extension’s reach was staggering, with estimates suggesting that it had been installed on over 5 million Chrome browsers worldwide. This has significant implications for users who relied on the extension for productivity purposes, as their personal data may now be in the hands of malicious actors. Furthermore, the fact that Perplexity was available on the official Chrome Web Store raises questions about the efficacy of Google’s security vetting process.
The Perplexity incident highlights the growing threat of AI-powered attacks in the cybersecurity landscape. As AI models become increasingly adept at identifying and exploiting software vulnerabilities, organizations must adapt their defenses to stay ahead of these emerging threats. This involves not only implementing robust security protocols but also fostering a culture of cybersecurity awareness among employees and users.
In light of this incident, it is essential for users to exercise caution when downloading browser extensions from online stores. While Perplexity was available on the Chrome Web Store, its malicious nature was not immediately apparent. Users should therefore scrutinize extension permissions carefully before installation and regularly review their installed extensions to ensure they align with their browsing habits.
In conclusion, the Perplexity incident serves as a stark reminder of the importance of vigilance in online security. By staying informed about emerging threats and adapting our defenses accordingly, we can minimize the risk of falling prey to malicious attacks like this one. As users, it is crucial that we prioritize digital hygiene practices, such as regularly updating our browsers, using strong passwords, and being mindful of the permissions granted to installed extensions.
Source: The Hacker News — 2026-06-29