Unit42-timely-threat-intel/2026-03-09-Threat-Alert-30K-domains-distributing-malicious-AI-related-browser-extension.txt at main · PaloAltoNetworks/Unit42-timely-threat-intel
Palo Alto Networks Unit 42 discovered a large-scale malware campaign distributing over 30,000 domains to spread a malicious browser extension called "OmniBar AI Chat and Search." The extension hijacks browser homepages and redirects searches to attacker-controlled domains. This represents a significant threat leveraging AI-related branding for distribution and monetization.
Summary
Palo Alto Networks Unit 42 discovered a large-scale malware campaign distributing over 30,000 domains to spread a malicious browser extension called "OmniBar AI Chat and Search." The extension hijacks browser homepages and redirects searches to attacker-controlled domains. This represents a significant threat leveraging AI-related branding for distribution and monetization.
Indicators of Compromise
- malware — OmniBar AI Chat and Search