Shortly after AI search engine firm Perplexity launched its Comet AI browser, risk actors tried to capitalize on it by luring customers to fraudulent domains and pretend functions, risk intelligence agency BforeAI reviews.
Launched in July, Comet is a Chromium-based browser that integrates Perplexity’s AI assistant, providing help for automating duties, organizing emails, and researching the online.
Starting August, BforeAI noticed a rise in fraudulent domains selling an executable model of the browser accessible for obtain through third-party web sites.
Evaluation of over 40 suspicious domains confirmed the usage of typo-squatting, model impersonation, and misleading ads to lure customers to the fraudulent web sites.
The risk actors behind this coordinated marketing campaign used a number of key phrase variations containing ‘comet’, ‘AI’, ‘browser’, ‘perplexity’, and ‘obtain’.
Eight of the domains have been registered after Comet was launched, together with cometai.web site, cometaibrowser.com, perplexitycomet-ai.com, cometbrowser.web, and aicometbrowser.com, that are thought-about critical- and high-level threats.
The cometai.web area, the risk intelligence agency notes, has been parked for $9,999 on GoDaddy.
Moreover, BforeAI recognized two critical-level cell utility threats within the Google Play Retailer, similar to Comet AI Atlas App Information, which immediately impersonates the browser.
A fraudulent iOS utility was additionally recognized, and Perplexity CEO Aravind Srinivas warned of its existence earlier this month.
“The Comet app at the moment on iOS App Retailer is faux and spam and never from Perplexity,” his public warning reads.
The risk intelligence agency additionally found Google advertisements selling fraudulent Comet downloads and social media advertisements that directed to faux websites, and linked them to the identical marketing campaign.
“The timing of area registrations intently follows Comet’s launch timeline, indicating opportunistic cybercriminals monitoring for rising expertise tendencies. The usage of worldwide registrars, privateness safety providers, and parking pages suggests coordination amongst risk actors,” BforeAI notes.
Associated: AI Sidebar Spoofing Places ChatGPT Atlas, Perplexity Comet and Different Browsers at Threat
Associated: Browser Extensions Pose Severe Risk to Gen-AI Instruments Dealing with Delicate Information
Associated: Browser Safety Underneath Siege: The Alarming Rise of AI-Powered Phishing
Associated: The Shadow AI Surge: Examine Finds 50% of Employees Use Unapproved AI Instruments
