Revealing the Hidden Dangers of a Popular Chrome VPN Extension

Browser extensions can enhance convenience, but they may also expose users to significant risks. A recent investigation by Koi Security unveils alarming findings regarding FreeVPN.One, a widely used Chrome extension boasting over 100,000 installations and a “Featured” badge. This extension has been discovered to secretly capture screenshots of users’ browsing sessions, stirring serious privacy concerns.

Understanding the Risks

FreeVPN.One promises to protect user privacy while surfing the web. However, after installation, it quickly became apparent that this extension was doing much more than routing VPN traffic. It began recording screenshots of every webpage visited, including bank login pages, personal photos, and sensitive documents. These screenshots were then transmitted to servers managed by the developer.

What compounds the issue is the deceptive nature of the permissions requested by FreeVPN.One. Initially, it claimed to require basic access, gradually expanding its permissions under the guise of “AI Threat Detection.” A feature intended to enhance security turned into a tool for ongoing surveillance.

False Promises of Privacy

Users typically install VPNs out of a desire to safeguard their online privacy. Unfortunately, FreeVPN.One reversed that expectation, gaining unauthorized access to every page viewed through Chrome by leveraging scripting and <all_urls> permissions.

Koi Security’s team conducted tests and verified that FreeVPN.One captured screenshots even from reputable sites like Google Photos and Google Sheets. While the developer denied storing these images, they failed to produce any credible evidence to support that claim.

Unraveling the Developer’s Claims

The original developer of FreeVPN.One offered a partial justification for these practices after Koi Security released its findings. He claimed that automatic captures were part of a “Background Scanning” feature targeted at potentially dangerous domains. Despite this assertion, the presence of screenshots obtained from trusted websites contradicted his explanation.

When researchers requested demonstrable proof, such as a professional contact, company details, or a GitHub repository, the developer ceased all communication. The single public link associated with the extension led to a rudimentary Wix starter page, raising further suspicions about its legitimacy.

An Urgent Response to the Threat

In light of these revelations, FreeVPN.One has been removed from the Chrome Web Store. Users who attempt to access its page now encounter a message stating: “This item is not available.” Although this removal reduces the potential for new users to download the extension, it underscores a critical vulnerability in how Chrome reviews featured extensions.

For several months, FreeVPN.One operated with spyware-like behavior while still maintaining an approved status. This oversight raises pressing questions regarding Chrome’s vetting process for extensions that appear to be secure.

Taking Control of Your Cybersecurity

If you have installed FreeVPN.One or any other suspicious Chrome VPN extension, it is crucial to take immediate action. Follow these steps to protect your cybersecurity:

1. Navigate to Chrome > Window > Extensions and click Remove.

2. Opt for reputable VPN services with established track records, transparent operations, and verified policies. By selecting a reliable VPN, you take charge of your online privacy rather than surrendering it to an unknown developer.

3. Utilize a trusted antivirus program to scan for potential hidden malware. Strong antivirus software can help safeguard against malicious links that may install harmful programs, keeping your personal information secure.

4. Consider employing a password manager. These tools securely store and generate complex passwords, thereby minimizing the risk of password reuse. Additionally, they can identify any passwords exposed in previous data breaches, allowing you to change compromised credentials swiftly.

5. Assess potential data exposure by utilizing personal data removal services. These services can investigate your information across numerous broker sites, automatically requesting its removal and limiting the likelihood of exploitation.

Vetting Extensions Before Installation

Before installing any new extension, take a moment to review the permissions it requests. If a VPN asks for access to “all websites,” treat it as a red flag. FreeVPN.One illustrates a critical lesson: the allure of free services can often come with hidden costs, including the sacrifice of your data privacy.

It’s essential to remain vigilant and skeptical of popular extensions, even those showcasing badges of trustworthiness. Research extensively and leverage privacy tools backed by reputable companies.

Reflect on the question: Would you exchange your browsing privacy for a no-cost tool? It’s time to evaluate the real price of “free”.

Secure Your Online Presence

As technology continues to evolve, the importance of robust cybersecurity measures cannot be overstated. By educating yourself about the potential risks associated with browser extensions and taking proactive steps to protect your data, you can significantly enhance your online safety.

In summary, the emergence of FreeVPN.One serves as a stark reminder of the vulnerabilities that exist in the digital landscape. Stay informed, practice due diligence, and prioritize your privacy to navigate the online world safely.