All Topics
All Topics
Technology
Technology
AI
AI
Business
Business
Entertainment
Entertainment
News
News
Programming
Programming
Security
Security
Science
Science
Design
Design
Environment
Environment
Finance
Finance
Crypto
Crypto
Politics
Politics
Sports
Sports
Education
Education
Gaming
Gaming
Art
Art
Music
Music
Health
Health
Books
Books
Food
Food
Travel
Travel
Personal
Personal
Bluesky
Twitter

Malicious Chromium extension impersonates Perplexity AI to hijack browser searches and collect data

By

Microsoft Defender Security Research Team

4d ago· 8 min readenNews

Summary

Microsoft Threat Intelligence has identified a malicious Chromium-based browser extension that impersonates the AI-powered answer engine Perplexity AI. The extension's primary goal is to intercept browser search traffic and collect user data, potentially enabling profiling, targeted advertising, or other misuse. The extension uses Manifest V3 APIs and intermediary infrastructure to redirect searches. Microsoft responsibly disclosed the threat to Google, and the extension has been taken down.

Source

bskyMalicious Chromium extension impersonates Perplexity AI to hijack browser searches and collect datamicrosoft.com

Key quotes

· 3 pulled
Microsoft Threat Intelligence has identified a malicious Chromium-based extension that spoofs the AI-powered answer engine Perplexity AI to trick unsuspecting users into installing it.
Based on our observation of the extension's behavior, we assess its primary objective to be search traffic interception and data collection, which might enable downstream use cases such as profiling, targeted advertising, or other forms of misuse depending on operator intent.
Through responsible disclosure, we reported this extension to Google, and it has been taken down as of this writing.
Snippet from the RSS feed
A malicious Chromium-based extension that spoofs the AI-powered answer engine Perplexity AI redirects browser search traffic using MV3 APIs and intermediary infrastructure.

You might also wanna read

Comments

Sign in to join the conversation.

No comments yet. Be the first.