- A malicious free VPN extension is back in the Chrome Store
- The new free unlimited VPN extension already has over 31,000 installs
- Two previous versions were removed after spying on 9+M users
A notoriously dangerous free VPN extension appears to have made its way back to the Chrome Store, and it already has over 31,000 live installs – a new research report reveals.
The service is linked to a group of malicious VPN extensions that operate under the name “Free Unlimited VPN.” Two nearly identical free VPN extensions lurked in the Chrome Store for at least six years, quietly spying on over 9 million users.
They were removed in May 2025 after being flagged several times. Now, security researchers at LayerX Security have discovered that a new iteration of the extension is once again putting people’s privacy at risk.
“Free VPN extensions promise privacy, speed and one-click global access. For millions of users, they are an easy way to bypass restrictions or hide IP addresses without paying for a subscription. But that promise often hides a trade-off: if the product is free, your data becomes the product,” the researchers note.
The report comes just a week after Google warned users about malicious VPN apps that act as spyware in disguise.
How Free Unlimited VPN Puts Your Data at Risk
It only took a quick search in the Chrome Web Store to find the free unlimited VPN browser extension, and at first glance it looked legit. It had more than 110 reviews and an average rating of 4.4 out of 5, while promising total freedom and privacy with “no ads, no registrations and unlimited traffic.”
However, that’s not what you get if you sign up, according to LayerX Security.
They say that both the old and new versions of the VPN browser extension made far more proxy network requests. “They retrieved hidden configuration files from remote servers, changed proxy settings in real-time, and intercepted browser navigation events acting as remote proxy redirectors with hidden update channels,” they wrote.
In short: “What appeared to be a simple free VPN was in fact a full browser-level monitoring mechanism,” researchers warn.
Even worse, the LaxerX Security analysis found that the new version (released in July 2025) is “notably more advanced and evasive than the old one,” as its new infrastructure makes it harder to detect malicious activities.
Risks of using the extension range from traffic eavesdropping and stealthy redirection to dangerous phishing sites, to persistent remote control, serious privacy breaches and profiling.
You can read the entire safety analysis here. If you have downloaded the extension, we strongly recommend uninstalling the app and all the data associated with it as soon as possible.
Note that there are a few seemingly unrelated VPN apps with similar names, but these are not the subject of this review. And while we were initially able to find “Free Unlimited VPN” on the Google Web Store while writing the story, the app appears to have been removed at the time of publication (November 20).
How to protect yourself from malicious VPNs
LayerX Security’s research is the latest in a long line of studies that have highlighted the dangers lurking behind many free VPN solutions, even those offered in official app stores.
Even when these apps aren’t malicious per se, poor performance and intrusive, data-gathering ads are often the price to pay when using a free service.
This is why TechRadar only recommends very few free VPN services.
Proton VPN is among the best free VPNs and the company also offers a reliable VPN Chrome extension app. While super secure and private, the free version comes with a few drawbacks, such as not being able to choose your server location.
The good news is that subscribing to one of Proton VPN’s premium plans has never been cheaper thanks to its early Black Friday VPN deal.
Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews and opinions in your feeds. Be sure to click the Follow button!
