The launch of Perplexity’s Comet AI browser — a major step forward in AI-assisted browsing — was almost immediately hijacked by cybercriminals. Within weeks of its July debut, threat intelligence firm BforeAI uncovered a coordinated impersonation campaign designed to exploit public interest in the new product. The campaign involved a web of fraudulent domains, fake mobile apps, and malicious advertisements, all working together to trick users into downloading counterfeit versions of Comet.
Attackers registered more than 40 fake domains using typosquatting and brand impersonation, targeting search terms like “Comet,” “AI,” “browser,” and “Perplexity.” These sites often mimicked the official download pages to capture traffic from curious users. Beyond the web, the campaign spread to mobile ecosystems — with fake Comet AI applications appearing on both Google Play and the Apple App Store. One app, “Comet AI Atlas App Info,” impersonated the legitimate product so convincingly that Perplexity’s CEO Aravind Srinivas publicly warned users, confirming the iOS version as “fake and spam.”
The malicious operation also leveraged Google Ads and social media promotions to push these fraudulent downloads, reflecting a high degree of coordination and resource management. Analysts believe this was no random phishing spree but a deliberate, financially motivated campaign orchestrated by experienced cybercriminals. Their use of international domain registrars, privacy protection services, and strategically parked domains suggests a sophisticated infrastructure optimized for deception and monetization.
The incident underscores a critical truth for the modern tech landscape: every major product launch has become a potential target for brand hijacking and impersonation attacks. As threat actors evolve to exploit hype cycles and emerging technologies, proactive brand monitoring, pre-launch threat modeling, and digital risk protection are now essential defensive measures. The Comet AI case serves as a warning to every technology innovator — cybercriminals are watching every launch, ready to strike before the first user even downloads the real product.
#Perplexity #CometAI #BrowserSecurity #CyberAttack #Typosquatting #FakeApps #AppStoreFraud #GooglePlayMalware #SocialEngineering #BrandImpersonation #CyberThreat #AI #DigitalRisk #CyberCrime #ThreatIntelligence #BforeAI #AravindSrinivas #OnlineSafety #Phishing #ScamAlert
