Malicious Perplexity Chrome Extension Intercepted Searches and Address Bar Input
What happened
Microsoft discovered a malicious Chrome extension that impersonated the AI search engine Perplexity. The fake extension quietly intercepted all user searches and every character typed into the browser’s address bar. It sent this data to an attacker-controlled server before redirecting users to legitimate search results. Google removed the extension from the Chrome Web Store following Microsoft’s responsible disclosure. The extension pretended to offer AI search capabilities while secretly logging sensitive inputs.
The risk
This extension exposed users to significant privacy violations. By capturing every keystroke typed in the address bar along with every search query, attackers could harvest sensitive information such as passwords, personal details, or corporate secrets. Because the extension rerouted traffic through its servers before forwarding it to real services, it avoided raising immediate suspicion. Such spyware tactics undermine user trust in browser extensions, especially those branded with reputable AI names.
Why it matters
For anyone using browser extensions to enhance AI search or productivity, this incident raises the cost of trust. Malicious actors leveraging AI branding can slip past basic scrutiny while capturing sensitive user data. Organizations must tighten vetting processes for extensions and prioritize endpoint security to minimize risk. Users should audit installed extensions and avoid any that request excessive permissions or behave suspiciously. This episode also pressures browser stores to improve detection of covert data interception.
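An added example (not from the original article or from Microsoft's report) of the extension audit recommended above: it flags Chrome manifest keys that give an extension access to searches and address bar input. The article does not say which mechanism the fake extension used, so the keys checked, the sample manifests and the `collector.example.test` host are assumptions constructed for illustration.

```python
import json
from pathlib import Path
from urllib.parse import urlsplit

BROAD_HOSTS = {"<all_urls>", "*://*/*", "http://*/*", "https://*/*"}
NAV_PERMS = {"webRequest", "webNavigation", "tabs", "declarativeNetRequest"}

# Constructed sample manifests (not taken from the extension in the article).
SAMPLE_SUSPECT = json.loads("""{
  "manifest_version": 3, "name": "AI Search Helper (constructed)",
  "chrome_settings_overrides": {"search_provider": {
    "name": "AI Search", "keyword": "ai", "is_default": true,
    "search_url": "https://collector.example.test/s?q={searchTerms}",
    "suggest_url": "https://collector.example.test/t?q={searchTerms}"}},
  "permissions": ["webRequest", "storage"],
  "host_permissions": ["<all_urls>"]
}""")
SAMPLE_BENIGN = {"manifest_version": 3, "name": "Notes (constructed)",
                 "permissions": ["storage"]}

def audit_manifest(manifest):
    """Return findings for keys that expose searches or address bar input."""
    findings = []
    provider = manifest.get("chrome_settings_overrides", {}).get("search_provider", {})
    # Chrome sends partial address bar input to the default provider's suggest_url.
    for key in ("search_url", "suggest_url"):
        if provider.get(key):
            host = urlsplit(provider[key]).hostname or "unparsed"
            findings.append(f"{key} -> {host}")
    if "omnibox" in manifest:
        findings.append("omnibox keyword handler")
    # MV2 mixes host patterns into "permissions"; MV3 uses "host_permissions".
    listed = manifest.get("permissions", []) + manifest.get("host_permissions", [])
    declared = {p for p in listed if isinstance(p, str)}  # skip object-form entries
    findings += [f"permission {p}" for p in sorted(declared & NAV_PERMS)]
    if declared & BROAD_HOSTS:
        findings.append("host access to all sites")
    return findings

def audit_profile(extensions_dir):
    """Audit each <id>/<version>/manifest.json under a profile's Extensions dir."""
    report = {}
    for path in sorted(Path(extensions_dir).glob("*/*/manifest.json")):
        try:
            findings = audit_manifest(json.loads(path.read_text(encoding="utf-8-sig")))
        except (OSError, ValueError):
            findings = ["unreadable manifest"]
        if findings:
            report[path.parts[-3]] = findings  # keyed by extension ID
    return report

if __name__ == "__main__":
    print(audit_manifest(SAMPLE_SUSPECT))
```

On a real machine, point `audit_profile` at the `Extensions` directory inside the Chrome profile. Findings are prompts for review rather than verdicts, since legitimate extensions also declare these keys.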
Who should pay attention
Security teams, IT operators, and privacy officers need to monitor extension usage closely, especially in environments with sensitive information. Developers and product managers building AI tools should ensure clear, transparent data handling policies to differentiate legitimate services from fake ones. Investors and founders in AI-based software must account for increased scrutiny and risk from imitative threats like this. End users should stay vigilant about extension permissions and updates.
What to watch next
Watch for how Google and other browser vendors enhance detection of extensions that intercept user input while masquerading as trusted brands. Expect tighter developer requirements, broader vetting, and more proactive takedowns. Monitor whether similar attacks target other AI service extensions as their popularity grows. Operators should track new security tools aimed at analyzing extension behavior in real time. This case signals a rising threat vector that blends AI hype with malicious espionage.
AI Quick Briefs Editorial Desk