Microsoft has uncovered a harmful Chrome extension masquerading as the AI search engine Perplexity, which secretly monitored user search activities. The extension rerouted all search queries and address bar inputs through a server controlled by attackers before displaying actual search results.
Extension Discovery and Removal
Following a responsible disclosure, Google removed the extension from its store. Named “Search for perplexity ai” and identified by ID flkebkiofojicogddingbdmcmkpbplcd, it used a deceptive domain, perplexity-ai[.]online, mimicking the legitimate perplexity.ai. Microsoft’s Defender research team highlighted the extension’s objective of intercepting searches and gathering data; although no evidence of password theft was found, the extension’s access went beyond what normal search functionality requires.
Technical Details and Impact
Upon installation, this extension set itself as the browser’s default search engine. It initially directed search queries to perplexity-ai[.]online, where the attacker’s server logged details like browser headers, IP addresses, and user agents. Subsequently, users were redirected to genuine search engines such as Perplexity, Google, or Bing, masking the initial data theft.
The extension further compromised user privacy by redirecting live search suggestions (suggest_url) to the malicious domain, allowing attackers to capture every typed character. This appeared to be a deliberate data collection effort, leveraging the declarativeNetRequest permission to log requests, with the potential to execute WebAssembly code for further exploitation.
Security Measures and Recommendations
This incident is part of a broader trend of malicious extensions exploiting AI branding to deceive users. What sets this case apart is that it targets search queries and address bar inputs rather than AI chats. Microsoft’s research linked similar malicious activities to approximately 900,000 installations across over 20,000 company networks.
Users who installed “Search for perplexity ai” should remove it immediately and verify their default search engine settings. Microsoft advises organizations to enforce strict extension approvals, monitor for altered search settings, and scrutinize unusual extension permissions and domain traffic. It is crucial to approach AI-branded tools with caution, ensuring verification of publishers and domains before installation.
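The behaviour described above (a search-provider override whose search_url and suggest_url point at a look-alike domain, combined with declarativeNetRequest permissions) is visible in an extension's manifest, so the monitoring Microsoft recommends can be partly automated. The following audit script is an added example, not code from Microsoft's write-up or this article. It walks a Chrome profile's Extensions folder, parses each manifest.json, and flags the reported extension ID and domain, any search override to a host outside an allowlist, look-alike hosts that contain the Perplexity brand name but are not perplexity.ai, and traffic-interception permissions. The allowlist of trusted search hosts, the sibling permission names listed alongside declarativeNetRequest, and the sample manifest at the bottom are assumptions constructed for the demo.

```python
import json
from pathlib import Path
from urllib.parse import urlsplit

# Extension ID and domain reported in the write-up above.
KNOWN_BAD_IDS = {"flkebkiofojicogddingbdmcmkpbplcd"}
KNOWN_BAD_HOSTS = {"perplexity-ai.online"}

# Hosts a legitimate search-provider override would be expected to use.
# Assumption: extend this allowlist to match your organisation's policy.
TRUSTED_SEARCH_HOSTS = {
    "perplexity.ai", "www.perplexity.ai", "www.google.com",
    "www.bing.com", "duckduckgo.com",
}

# Permissions that let an extension observe or rewrite traffic. The article
# names declarativeNetRequest; the others are its siblings and deserve the same scrutiny.
TRAFFIC_PERMISSIONS = {
    "declarativeNetRequest", "declarativeNetRequestWithHostAccess",
    "declarativeNetRequestFeedback", "webRequest", "webRequestBlocking",
}


def host_of(url):
    """Return the lowercase hostname of a search URL template, or '' if unparsable."""
    try:
        return (urlsplit(url).hostname or "").lower()
    except ValueError:
        return ""


def audit_manifest(ext_id, manifest):
    """Return a list of finding strings for one manifest (empty list = nothing suspicious)."""
    findings = []
    if ext_id in KNOWN_BAD_IDS:
        findings.append(f"{ext_id}: known malicious extension ID")

    provider = manifest.get("chrome_settings_overrides", {}).get("search_provider", {})
    for key in ("search_url", "suggest_url"):
        url = provider.get(key)
        if not url:
            continue
        host = host_of(url)
        if host in KNOWN_BAD_HOSTS:
            findings.append(f"{ext_id}: {key} points at known malicious host {host}")
        elif host not in TRUSTED_SEARCH_HOSTS:
            findings.append(f"{ext_id}: {key} redirects searches to untrusted host {host}")
        # Look-alike check: brand name in the host, but not the real domain.
        if "perplexity" in host and not host.endswith("perplexity.ai"):
            findings.append(f"{ext_id}: {key} host {host} impersonates perplexity.ai")

    perms = set(manifest.get("permissions", [])) | set(manifest.get("optional_permissions", []))
    for perm in sorted(perms & TRAFFIC_PERMISSIONS):
        findings.append(f"{ext_id}: requests traffic-interception permission {perm}")
    if "<all_urls>" in manifest.get("host_permissions", []):
        findings.append(f"{ext_id}: requests host access to <all_urls>")
    return findings


def audit_extensions_dir(extensions_dir):
    """Audit every <id>/<version>/manifest.json under a Chrome profile's Extensions folder."""
    results = {}
    for manifest_path in Path(extensions_dir).glob("*/*/manifest.json"):
        ext_id = manifest_path.parent.parent.name
        try:
            manifest = json.loads(manifest_path.read_text(encoding="utf-8"))
        except (OSError, ValueError) as exc:
            results[ext_id] = [f"{ext_id}: unreadable manifest ({exc})"]
            continue
        results[ext_id] = audit_manifest(ext_id, manifest)
    return results


# Constructed sample manifest modelling the behaviour the article describes;
# this is not the real extension's manifest.
SAMPLE_MANIFEST = {
    "manifest_version": 3,
    "name": "Search for perplexity ai",
    "permissions": ["declarativeNetRequest", "storage"],
    "host_permissions": ["<all_urls>"],
    "chrome_settings_overrides": {
        "search_provider": {
            "name": "Perplexity",
            "keyword": "perplexity",
            "search_url": "https://perplexity-ai.online/search?q={searchTerms}",
            "suggest_url": "https://perplexity-ai.online/suggest?q={searchTerms}",
            "is_default": True,
        }
    },
}

if __name__ == "__main__":
    import sys
    if len(sys.argv) > 1:
        # Usage: python audit_extensions.py "<path to Chrome profile>/Extensions"
        for ext_id, findings in audit_extensions_dir(sys.argv[1]).items():
            for line in findings:
                print(line)
    else:
        for line in audit_manifest("flkebkiofojicogddingbdmcmkpbplcd", SAMPLE_MANIFEST):
            print(line)
```

Run with the profile's Extensions directory as the only argument to audit installed extensions; without an argument it audits the constructed sample manifest and prints one finding per suspicious property. A clean search-provider override to an allowlisted host produces no findings, so the script is suitable for periodic fleet-wide runs where only non-empty results need attention.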
While the identity of the operator remains unknown and the number of affected users was not disclosed, this incident highlights the importance of vigilance in managing browser extensions and in maintaining sound browser security.
