Fake Perplexity AI Extension Hijacks Browser Search and Logs Keystrokes
ID: 4d323875-127f-52ec-8eff-4377bd685acb
STIX ID: report--4d323875-127f-52ec-8eff-4377bd685acb
Feed Name: securityonline.info
Microsoft discovered a fake “Search for perplexity ai” Chrome extension on the Web Store that impersonated Perplexity AI, set itself as the default search provider, and captured every address-bar keystroke and query by routing them through attacker-controlled servers using a two‑hop redirect; the extension shipped server code and modular rule sets suggesting broader targeting potential. Google removed the listing after Microsoft reported it; defenders are advised to audit extensions, reset default search settings, and use published indicators and hunting queries to detect related activity.
Your team is not currently subscribed to this feed. You must subscribe to it in order to see this post.
