← All stories
● Covered by 1 source Β· 1 reportMedium impact

Malicious Chrome Extension Logged User Searches Under Perplexity Name

Aggregated by BrevFeed security Β· updated 1d ago
πŸ”– Save

Microsoft discovered a malicious Chrome extension pretending to be Perplexity that intercepted user searches and address bar input. This extension logged every search query and typed character before redirecting users to legitimate search engines, posing a significant data privacy risk.

Key points

Malicious Extension Identified

Microsoft identified a Chrome extension posing as the AI search engine Perplexity, named 'Search for perplexity ai.' This extension was designed to log every search query and keystroke made in the browser's address bar, compromising user privacy by routing this data through an attacker-controlled server.

Data Logging Mechanism

Once installed, the extension changed the browser's default search engine to the attacker’s domain, perplexity-ai[.]online. It logged the search queries along with browser headers, IP address, and user agent information before redirecting users to legitimate search results from services like Google or Bing.

Exploiting Browser Features

Chrome's search provider overrides allowed the extension to capture all input typed in the address bar, not just completed searches. This functionality, often legitimate in other extensions, became a significant vector for data collection in this case.

Broader Implications

The discovery of this malicious extension highlights a trend of malicious software masquerading under AI branding. Microsoft reported that similar extensions have been linked to over 900,000 installations across thousands of corporate networks, emphasizing the growing risk to user data integrity.

Actions Taken

Following responsible disclosure, Google removed the malicious extension from the Chrome Web Store. Microsoft urged users to remain vigilant about extensions, especially those that modify search settings or request extensive permissions.

✨ This summary was generated by AI from the outlets' reporting listed below. It is not independently verified and may contain errors β€” check the original sources. How BrevFeed works β†’

Reporting from

Microsoft discovered a malicious Chrome extension pretending to be Perplexity that intercepted user searches and address bar input. This extension logged every search query and typed character before redirecting users to legitimate search engines, posing a significant data privacy risk.