Microsoft Threat Intelligence said on June 29, 2026 that it had found a malicious Chrome extension posing as the AI search service Perplexity, which intercepted users' search queries and address bar input. No password theft was confirmed, but the extension was flagged as dangerous because it sent the input data itself to an attacker-controlled server.
June 29, 2026 · Microsoft Threat Intelligence
Fake "Perplexity" Chrome Extension Quietly Stole Every Keystroke You Typed
A malicious Manifest V3 extension hijacked the browser's default search engine, funneling address-bar input — even individual keystrokes — to an attacker-controlled server, then bounced users back to real results so the theft went unnoticed.
2-hop
Redirect through the attacker server before reaching real results
0
Passwords confirmed stolen — but full requests, IP & User-Agent were logged
MV3
Built in modern Manifest V3 format; now removed from Chrome Web Store
How the search hijack worked
Step 1
User types in address bar
Extension set as default search engine
→
Step 2
Sent to perplexity-ai.online
Attacker server logs every request
→
Step 3
Bounced to real results
Perplexity / Google / Bing — user notices nothing
Impostor vs. real — almost identical
Typosquatting on the AI brand: only the publisher and destination differ.
⚠ Fake extension
Search for perplexity ai
→ perplexity-ai.online
Publisher: Impostor
✓ Legitimate extension
Perplexity - AI Companion
→ perplexity.ai (official)
Publisher: Official perplexity.ai
A rising trend
Malicious extensions are increasingly abusing AI branding to win trust. Compare this case against an earlier AI-assistant scheme that harvested chat histories.
Removed fast
Perplexity fake (scope undisclosed)
~900,000
installs in the March 2026 ChatGPT/DeepSeek case
20,000+
corporate networks reached by that earlier AI-assistant campaign
How to protect yourself
Verify the extension's publisher and requested permissions before installing.
Be alert to unexpected default-search overrides or traffic to unfamiliar domains.
In organizations, enforce extension restrictions via policy .
Continue reading The rest of this article is for AI News Blitz readers. Choose an option below to keep reading.
Already purchased? Sign in ✓ Signed in — this article isn’t included in your current plan.Unlocking the full article…