A malicious extension has been discovered on the Chrome Web Store, masquerading as a legitimate tool from the popular Perplexity AI answer engine. The extension, called “Search for perplexity ai,” intercepts search traffic and collects browsing information, potentially exposing users to further exploitation. Microsoft Threat Intelligence researchers have shed light on the fake extension’s inner workings, highlighting the risks it poses to Chrome users.
The fake Perplexity AI extension uses similar branding to its legitimate counterpart, with a domain name that closely resembles the official perplexity.ai website. Once installed, the extension alters browser search settings to replace the default search provider and redirects address-bar queries through an intermediary infrastructure not associated with the official vendor domain. This allows the attackers to intercept sensitive information, including search queries and browsing habits.
Microsoft’s researchers found logging code on the extension’s server that indicates intentional design. The extension requests powerful permissions from Chrome, enabling traffic redirection, URL rewriting, and selective request filtering – capabilities not consistent with expected AI assistant behavior. Although there is no evidence of credential theft, the data collection routines still create potential avenues for exploitation through extensive profiling.
The fact that this extension made it onto the Chrome Web Store raises questions about the store’s vetting process. It also serves as a reminder to users to be cautious when installing extensions from unknown developers or with suspicious branding. Those who installed the “Search for perplexity ai” extension (identified by the ID “flkebkiofojicogddingbdmcmkpbplcd”) should remove it immediately and consider rotating their critical account passwords as a precaution.
In an era where AI-powered tools are increasingly prevalent, it’s essential to be aware of the potential risks associated with these technologies. By understanding how malicious actors exploit AI tools for their own gain, we can better protect ourselves from such threats. As a user, it’s crucial to remain vigilant and only install extensions from trusted sources – verifying the developer’s identity and checking reviews before making a decision.
In conclusion, this incident highlights the importance of being mindful of our online activities and the tools we use to facilitate them. By being proactive in protecting ourselves from such threats, we can minimize the risks associated with AI-powered technologies and ensure a safer browsing experience.
Source: Bleeping Computer — 2026-06-30