Malicious Browser Tool Impersonates Popular AI Search Engine, Spies on User Queries
Scammers uploaded a fake Perplexity extension to Chrome that monitored everything users searched for online.
A Dangerous Copycat Tool Infiltrates Chrome's Extension Store
Security researchers have uncovered a troubling scheme where cybercriminals disguised malicious software as the legitimate Perplexity AI search tool on Google's Chrome Web Store. The counterfeit extension silently tracked and recorded the search queries that users entered into their browsers, creating a window into their private online behavior.
This discovery highlights a growing problem: popular services are being impersonated by bad actors who exploit user trust. The fake extension looked nearly identical to the real thing, making it easy for unsuspecting people to download what they believed was the genuine product. Once installed, the impostor tool worked silently in the background, gathering data about what users searched for without their knowledge or permission.
Understanding the Threat
Think of browser extensions like helpful assistants that sit on your computer's shoulder. They can see everything you type into your web browser. A legitimate extension might help you organize your bookmarks or block ads. But a malicious extension acts more like an eavesdropper—it watches your every move and reports back to whoever created it.
In this case, the fake Perplexity extension was designed to be that eavesdropper. Every search query, every website visited, every piece of information you looked up—it all became visible to the criminals controlling the extension. This data is incredibly valuable because search history reveals personal interests, health concerns, financial situations, and much more about who you are.
Why This Matters for Internet Safety
This incident reveals several problems with how we download and trust software:
- Verification is difficult: Fake versions of popular tools can look almost identical to real ones, making them hard to spot
- Store monitoring gaps: Even official marketplaces like the Chrome Web Store don't catch every dangerous app before it goes live
- Data harvesting: Your search history is a goldmine of personal information that criminals can sell or use to target you
- Silent operation: Malicious extensions often work invisibly, so users have no idea they're being monitored
Protecting Yourself Going Forward
You don't need to panic, but you should take these practical steps:
- Check the developer name carefully. Visit the official website of any tool before downloading its extension. Compare the developer name listed in the store with what appears on their real website
- Review ratings and comments. Look at recent user reviews and reports. Fake apps often have suspiciously few reviews or negative comments warning about problems
- Audit your extensions. Open your browser settings and review every extension you have installed. Remove anything you don't recognize or no longer use
- Use official sources when possible. Some companies offer their tools through their main website rather than app stores, which can be safer
- Keep your browser updated. Security patches make it harder for malicious software to work properly
When downloading browser tools, trust but verify—check the official website first, and never assume that something in an app store is automatically legitimate.
This situation underscores why staying informed about digital security matters more than ever in our connected world.
Want to understand the technology behind this story? ITVedas has beginner-friendly guides on every IT topic.
Explore IT Chapters →