What happened
Researchers at Microsoft have uncovered a malicious Chrome extension that impersonated the AI search engine Perplexity while secretly collecting users’ search activity. The extension, named “Search for perplexity ai” (extension ID: flkebkiofojicogddingbdmcmkpbplcd), was available through the Chrome Web Store before Google removed it following Microsoft’s responsible disclosure.
According to Microsoft’s Defender Research team, the extension replaced the browser’s default search engine and redirected every search query through an attacker-controlled domain, perplexity-ai[.]online, before forwarding users to legitimate search engines such as Perplexity, Google, or Bing. This allowed the attackers to record search terms, IP addresses, browser headers, and user-agent information while presenting users with normal search results.
The researchers also found that the extension intercepted characters typed into Chrome’s address bar before users even pressed Enter by modifying the browser’s live search suggestion feature. Microsoft said the extension requested permissions that enabled traffic redirection and contained additional functionality that could have expanded its capabilities in the future. The company found no evidence that passwords were stolen but concluded that the data collection was intentional.
Who is affected
Anyone who installed the fake “Search for perplexity ai” extension may have had their search activity exposed. Although Microsoft did not disclose how many users installed the extension, the campaign reflects a growing trend of attackers abusing the popularity of AI tools to distribute malicious browser extensions.
Organizations should also be aware that browser extensions remain a common attack vector. Employees who install unauthorized extensions on corporate devices may inadvertently expose browsing activity and other sensitive information, creating privacy and security risks for enterprise environments.
Why CISOs should care
The campaign highlights how cybercriminals continue to exploit trust in well-known AI brands to lure users into installing malicious software. Rather than targeting passwords or credentials directly, this extension focused on collecting search behavior and browser metadata, which can reveal sensitive business activities, research interests, and employee behavior.
For security leaders, the incident reinforces the importance of browser security governance. Browser extensions often require broad permissions that can be difficult for users to evaluate, making them an attractive avenue for attackers. As AI-branded applications become increasingly common, organizations should expect more campaigns that imitate trusted services to gain access to enterprise environments.
3 practical actions
- Restrict browser extensions by allowing only approved extensions through enterprise browser management policies.
- Monitor endpoints for unexpected changes to default search providers, unusual extension permissions, and outbound connections to unfamiliar domains.
- Train employees to verify extension publishers, official domains, and requested permissions before installing AI-related browser tools.
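The endpoint check from the second action, as an added example (not Microsoft's tooling and not part of the original article): it audits installed Chrome extension manifests for the extension ID and domain named above, for any search or suggestion override, and for redirect-capable permissions. It assumes the override is declared through Chrome's `chrome_settings_overrides` manifest key; the permission list and the sample manifest are constructed for illustration.

```python
import json
from pathlib import Path
from urllib.parse import urlsplit

# Indicators quoted in the article.
KNOWN_BAD_IDS = {"flkebkiofojicogddingbdmcmkpbplcd"}
KNOWN_BAD_DOMAINS = {"perplexity-ai.online"}
# Assumption: the article names no permissions; these are Chrome permissions
# that can redirect or observe traffic and deserve review.
REDIRECT_PERMS = {"declarativeNetRequest", "declarativeNetRequestWithHostAccess", "webRequest"}
# Constructed sample manifest, NOT the real extension's manifest.
SAMPLE_MANIFEST = {"permissions": ["declarativeNetRequest", "storage"],
    "chrome_settings_overrides": {"search_provider": {
        "search_url": "https://perplexity-ai.online/search?q={searchTerms}",
        "suggest_url": "https://perplexity-ai.online/suggest?q={searchTerms}"}}}

def audit_manifest(ext_id, manifest):
    """Return a list of findings for one extension manifest (empty if clean)."""
    findings = []
    if ext_id in KNOWN_BAD_IDS:
        findings.append("known-malicious extension ID")
    manifest = manifest if isinstance(manifest, dict) else {}
    provider = (manifest.get("chrome_settings_overrides") or {}).get("search_provider") or {}
    for key in ("search_url", "suggest_url"):  # suggest_url sees keystrokes before Enter
        url = provider.get(key)
        if not isinstance(url, str):
            continue
        try:
            host = urlsplit(url).hostname or "?"
        except ValueError:
            host = "?"
        bad = any(host == d or host.endswith("." + d) for d in KNOWN_BAD_DOMAINS)
        findings.append(f"{key} override -> {host}" + (" (known-bad domain)" if bad else ""))
    hits = sorted(REDIRECT_PERMS.intersection(manifest.get("permissions") or []))
    if hits:
        findings.append("redirect-capable permissions: " + ", ".join(hits))
    return findings

def scan_profile(extensions_dir):
    """Audit <profile>/Extensions/<id>/<version>/manifest.json; return {id: findings}."""
    results = {}
    for path in Path(extensions_dir).glob("*/*/manifest.json"):
        try:
            manifest = json.loads(path.read_text(encoding="utf-8-sig"))
        except (OSError, ValueError):
            manifest = {}  # unreadable manifest: still check the ID
        findings = audit_manifest(path.parent.parent.name, manifest)
        if findings:
            results[path.parent.parent.name] = findings
    return results
```

Point `scan_profile` at a profile's `Extensions` directory; any search override it reports that is not on the approved list is worth a manual review even when the domain is not a known indicator.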

