- Security researchers found that a popular free chrome VPN extension has been stealthily taking screens on each site that its users visit
- FREEVPN.ONE can boast of over 100,000 downloads and Google’s “verified” and “Highlighted” Badges
- When it was limited to VPN functionality, the extension’s later updates were not designed for privacy, but to avoid detection
A popular Chrome VPN extension has been shown to spy on its over 100,000 users.
Koi Security published a comprehensive report that warned users that instead of protecting their data as the best VPN apps to do, FREEVPN.ONE takes screens on every site they are visiting.
Freevpn.one is a free VPN extension that managed to get two badges from the Google Chrome store, allegedly to further secure users of its security. Unfortunately, these badges might have been awarded mistakenly.
A reliable VPN extension turned into a privacy nightmare
FREEVPN.OONE LEGALLY LOOKS IN A MISTING. With over 100,000 downloads and Google’s endorsement, it seems like a safe alternative to paid VPN services. However, according to Koi Security, there is an eerie reality that hides just below the surface.
The expansion was marketed as a free, unlimited VPN service, and according to researchers it did for a while just that. However, future updates introduced a worrying development.
Koi Security reports that only a few seconds after any side load, a background trigger is grabbing a screenshot of it. This means that every site you visit with the extension activated is captured, including private photos, bank pages, medical items and all kinds of other sensitive information.
The screens are then sent to an external source, with scripts running to ensure the quality of data capture.
Another feature of FREEVPN.OON, called “AI threat detection”, also takes screenshots and uploads them to analyze the server side, but at least this one reveals that it does, while the rest of the app does not.
A few of the latest updates to FREEVPN.OONE appear to have made things worse for users’ privacy. Spyware, screenshots and location tracking allegedly started in July this year. Later that month, Koi Security reported, the developer raised the security to avoid detection while the screens continued to be assembled.
Koi Security reached out to the developer who claims that screens are taken only if the domain appears to be suspicious. However, even sites like Google photos are recorded that do not match this claim. Dev also says that the screens are not stored anywhere, but this is a difficult claim to verify. They eventually reportedly stopped responding to Koi Security’s requests for comment.
How to remain safe?
This situation outlines a bigger problem with certain free VPNs, as well as the ease on which certain developers can upload malicious apps to web shops and get user confidence. Recently, a Vextrio Viper, a group of cyber criminals, successfully shared a long list of malicious apps through popular app stores. This included a free VPN, ad blocker and even an online dating service.
Freevpn.one scored Google Play Store’s “Verified” badge, which should have meant that it was certainly safe, but it sounds like “it’s best avoided.”
If you used the FREEVPN.ONE extension, we recommend that you uninstall it. Consider downloading one of the best antivirus programs to also give your PC a thorough scan.
Next, it’s time to change your passwords to almost any site you may have accessed while using the extension. Better to be safe than sorry.
This highlights how important it is not to take chances when using a VPN service, which by default often has pretty strong permits when it comes to monitoring what you do. If you are not willing to get a premium service, turn to some of the best free VPN services to make sure they have been thoroughly tested to protect your data.
