A malicious browser extension impersonating the Perplexity AI search engine was recently identified on the Chrome Web Store, actively intercepting user queries and exfiltrating browsing data. Distributed through Google’s official marketplace before its removal, the counterfeit add-on highlights a growing threat pattern: attackers are cloning trending AI tools to exploit user trust and bypass automated security filters.

Masquerading as the legitimate Perplexity answer engine, the extension requested broad host permissions under the guise of standard functionality. Once installed, it monitored and redirected web traffic, capturing search requests and detailed browsing history. This incident demonstrates how quickly malicious developers can weaponize the inherent permissions required by legitimate AI integrations, turning productivity utilities into covert data-exfiltration pipelines.

The discovery underscores a critical limitation in official extension marketplaces. While platforms like the Chrome Web Store enforce baseline compliance checks, automated scanners frequently struggle to distinguish between legitimate broad permissions and unauthorized data collection. Marketplace approval is not a security guarantee; post-deployment monitoring and user reporting remain the primary defenses against such threats.

For IT and security teams, this incident demands an immediate shift from reactive extension removal to proactive browser governance. Organizations must treat third-party add-ons with the same rigor applied to enterprise software deployments. Recommended controls include: - Enforcing strict publisher allowlists to block unvetted developers. - Conducting routine permission audits to ensure extensions only access necessary resources. - Applying zero-trust principles to all browser add-ons, particularly AI-themed tools that routinely request broad network access. - Restricting permissions to core functionality and actively monitoring for anomalous outbound data flows.

The case also reinforces the operational value of transparency in browser tooling. Proprietary extensions with obfuscated background processes hinder independent security validation, whereas open-source alternatives provide auditable codebases. When code is publicly inspectable, security teams can verify data-handling practices, validate permission requests, and ensure alignment with organizational compliance standards. As AI integrations become embedded in daily workflows, prioritizing verifiable, transparent browser tools will be essential to mitigating impersonation campaigns.

The counterfeit Perplexity extension has been removed from the Chrome Web Store, but its brief presence serves as a clear directive: official distribution channels require supplemental enterprise controls. By combining strict governance frameworks with user education on developer verification and permission scrutiny, organizations can effectively neutralize the risks posed by increasingly sophisticated AI-themed browser threats.


一款假冒 Perplexity AI 搜尋引擎的惡意瀏覽器擴充程式,近日於 Chrome Web Store 被發現。該程式主動攔截用戶查詢並外洩瀏覽數據。在遭下架前,此假冒插件曾透過 Google 官方市場分發,事件突顯出一種日益增長的威脅模式:攻擊者正複製熱門 AI 工具,以利用用戶信任並繞過自動化安全過濾機制。

該擴充程式偽裝成合法的 Perplexity 答案引擎,以標準功能為名要求廣泛的主機權限。安裝後,它會監控及重新導向網絡流量,擷取搜尋請求及詳細的瀏覽紀錄。此事件顯示,惡意開發人員能迅速將合法 AI 整合所需的固有權限武器化,把生產力工具轉化為隱蔽的數據外洩管道。

是次發現突顯官方擴充程式市場存在關鍵局限。儘管 Chrome Web Store 等平台會執行基本合規檢查,但自動化掃描工具往往難以區分合法的廣泛權限與未經授權的數據收集。市場審批並非安全保證;部署後的監控及用戶舉報,仍是抵禦此類威脅的主要防線。

對 IT 與保安團隊而言,此事件要求立即從被動移除擴充程式,轉向主動的瀏覽器管治。機構必須以企業軟件部署的同等嚴謹標準,對待第三方插件。建議實施的控制措施包括: - 執行嚴格的發布者白名單,封鎖未經審查的開發人員。 - 定期進行權限審計,確保擴充程式僅存取必要資源。 - 對所有瀏覽器插件實施零信任原則,特別是經常要求廣泛網絡存取的 AI 主題工具。 - 將權限限制於核心功能,並主動監控異常的出站數據流量。

此案例亦強化了瀏覽器工具透明度的運作價值。擁有混淆背景處理程序的專有擴充程式會阻礙獨立保安驗證,而 open source 替代方案則提供可審計的代碼庫。當代碼可公開檢視時,保安團隊便能核實數據處理方式、驗證權限請求,並確保符合機構的合規標準。隨著 AI 整合日益嵌入日常工作流程,優先採用可驗證且透明的瀏覽器工具,將對減緩仿冒活動至關重要。

假冒的 Perplexity 擴充程式已從 Chrome Web Store 下架,但其短暫存在發出一個明確訊號:官方分發渠道需要額外的企業級控制措施。透過結合嚴格的管治框架與用戶教育(涵蓋開發人員驗證及權限審查),機構能有效化解日益複雜的 AI 主題瀏覽器威脅所帶來的風險。

新聞來源 / Original News Source