Malicious Perplexity Comet Browser Download Ads Push Malware Via Google

Attackers are exploiting Google Ads with fake Comet Browser download links to spread malware disguised as Perplexity’s official installer. The campaign, tracked by DataDome, has ties to DarkGate.

A new malvertising campaign is taking advantage of the popularity of Perplexity’s recently released Comet browser, tricking users into downloading a malicious installer instead of the legitimate product.

The fraudulent ads appear at the top of Google search results under domains such as cometswift.com and cometlearn.net, both promoting what looks like a productivity browser linked to Perplexity.

When clicked, the ads redirect to perplexity.page, a fake landing page mimicking the official Comet browser site, complete with a download button that links to a malicious file hosted on GitHub.

The payload, named comet_latest.msi, is stored in a GitHub repository under the account "richardsuperman" and is believed to drop additional malware once executed. According to Jerome Segura, VP ...