The free VPN Chrome and Firefox extension may be reading your clipboard every half a second, researchers warn


  • Researchers found that “VPN Go” extensions for Chrome and Firefox secretly harvested copied text
  • The clipboard theft was not there at launch and arrived through a later update
  • Anything copied while the extension was active should now be treated as exposed

Security researchers at Socket found two browser extensions distributed under the “VPN Go: Free VPN” branding, one listed on the Chrome Web Store and one on Firefox Add-ons, to secretly harvest copied text.

Both present themselves as free VPN tools with working proxy features. Underneath, Socket says, both also run a clipboard that constantly watches for copied text and sends it to infrastructure controlled by the attacker.

Leave a Comment

Your email address will not be published. Required fields are marked *

Scroll to Top