Security researchers have uncovered a malicious Chrome extension on the Chrome Web Store that impersonated the popular Perplexity AI answer engine. Rather than providing the AI search capabilities it advertised, the extension covertly intercepted user search traffic and collected browsing data — a textbook supply chain and impersonation attack targeting AI tool users.
The Fake Extension
The malicious extension presented itself as a legitimate Perplexity AI browser tool, leveraging the brand's growing recognition among users who rely on AI-powered search. The extension was listed on the official Chrome Web Store, lending it an air of legitimacy that likely contributed to its install rate.
Once installed, the extension operated with elevated browser permissions that allowed it to:
- Intercept and monitor search queries across major search engines
- Track browsing behavior including visited URLs and navigation patterns
- Collect sensitive browsing information that could be used for targeted advertising, credential phishing, or sale on underground markets
How It Worked
Chrome extensions request permissions during installation, and users who granted the extension access to "read and change all your data on websites you visit" — a common and often overlooked permission — inadvertently handed the malicious extension broad visibility into their browser activity.
The extension likely exfiltrated collected data to attacker-controlled infrastructure, though the full scope of what was collected and where it was sent is still being investigated. Extensions of this type commonly function as:
- Adware monetizing search interception and redirect traffic
- Credential harvesters watching for login forms and autofill data
- Spyware building browsing profiles for sale to data brokers or threat actors
Why AI Tool Impersonation Is Effective
The choice to impersonate Perplexity specifically is telling. AI-powered tools have seen explosive user adoption, and many users are actively searching for browser extensions that integrate AI functionality into their everyday workflows. Attackers are exploiting this demand by publishing lookalike extensions that mimic popular AI brands.
This mirrors earlier campaigns that abused the ChatGPT brand in 2023 and 2024, flooding extension stores with fake "ChatGPT for Chrome" extensions that delivered adware, stealers, or backdoors.
Chrome Web Store Security Limitations
The incident highlights ongoing concerns about the Chrome Web Store's review process. Despite Google's automated scanning and periodic manual reviews, malicious extensions continue to make it onto the platform. The Web Store's open nature — which allows any developer to publish an extension — creates an inherent tension between accessibility and security.
Google has previously removed hundreds of malicious extensions in bulk after researcher disclosures, but the cat-and-mouse dynamic persists.
How to Stay Protected
Users should take the following precautions when installing Chrome extensions:
- Install extensions only from verified publishers — check the developer website and cross-reference official brand channels before installing
- Review permissions carefully — extensions requesting access to all website data should trigger heightened scrutiny
- Check install counts and reviews — legitimate tools from major brands typically have large install bases and active review histories
- Use the official Perplexity.ai website directly rather than relying on third-party extensions
- Audit installed extensions regularly — remove anything you don't actively use or recognize
- Keep Chrome updated — newer versions include improved extension permission warnings
If you believe you installed the malicious extension, remove it immediately, change passwords for accounts accessed while the extension was active, and check for unfamiliar activity in your Google account.