Malicious Chromium extension spoofs Perplexity AI to hijack browser searches
Summary
A malicious Chromium extension impersonating Perplexity AI has been removed by Google after it was found to intercept user search traffic. The extension routed queries through attacker-controlled servers before sending them to legitimate search engines, collecting browsing data in the process. This incident highlights a growing trend of attackers abusing the branding of popular AI platforms for malicious campaigns.
IFF Assessment
This article describes a malicious extension that hijacks user searches and collects data, which is detrimental to user security and privacy.
Defender Context
Defenders should be aware of the increasing use of AI-related branding in malware campaigns, as attackers aim to leverage the trust associated with popular AI tools. Users are susceptible to social engineering tactics that trick them into installing malicious extensions disguised as legitimate AI services, highlighting the need for vigilance and robust endpoint security solutions.