- Security researchers found that a popular free Chrome VPN extension He has been taking screenshots from each website of each website that visit its users
- Freevpn.one has more than 100,000 downloads and the “verified” and “presented” badges of Google
- Once limited to VPN functionality, subsequent extension updates were designed not for privacy, but to evade detection
It has been found that a popular extension of Chrome VPN spy to its more than 100,000 users.
Koi Security published an extensive report, warning users that, instead of protecting their data as the best VPN applications, they should do, Freevpn. One takes screenshots from each website they visit.
Freevpn.one is a free VPN extension that managed to obtain two badges from the Google Chrome store, supposedly to even more assure users their safety. Unfortunately, those badges could have been granted by error.
A reliable VPN extension became a privacy nightmare
Freevpn. One seems legitimate at a glance. With more than 100,000 downloads and the support of Google, it seems a safe alternative to paid VPN services. However, according to Koi’s security, there is a sinister reality that hides just below the surface.
The extension was marketed as a free and unlimited VPN service, and according to the researchers, for a while, it did exactly that. However, future updates introduced a worrying development.
Koi Security reports that they are only loaded only after any page, a background trigger takes a screenshot of it. This means that each website that visits with the enabled extension is captured, including private photos, bank sites, medical records and all kinds of other confidential information.
The screenshots are sent to an external source, with scripts that are executed to guarantee the quality of data capture.
Another feature on freevpn.one, called “IA threat detection”, also takes screenshots and loads for the analysis of the server side, but at least it reveals that it does, while the rest of the application does not.
Some of Freevpn’s most recent updates. UNE seems to have worsened things for user privacy. Spyware, screenshots and location monitoring supposedly began in July this year. Later that same month, Koi Security reported, the developer increased security to evade detection, while screenshots continued to be collected.
Koi Security contacted the developer, who states that screenshots are only taken if the domain seems suspicious. However, websites such as Google Photos are even recorded, which does not align with that statement. Development also says that screenshots are not stored anywhere, but this is a difficult claim to verify. Finally they allegedly stopped responding to Koi Security’s requests.
How to stay safe?
This situation describes a major problem with certain free VPNs, as well as the ease with which certain developers can load malicious applications in web stores and obtain user trust. Recently, a Viper Vextrio, a group of cybercriminals, successfully shared a long list of malicious applications through popular application stores. This included a free VPN, an advertisement blocker and even an online dating service.
Freevpn.one obtained the “verified” badge of Google Play Store, which should have meant that it was definitely safe, but it sounds like “it is better to avoid.”
If you used the freevpn.one extension, we recommend that you uninstall immediately. Consider downloading one of the best antivirus programs to give your PC an exhaustive exploration as well.
Next, it is time to change your passwords to almost all websites that you may have accessed while using the extension. It is better to be sure than cure.
This highlights how important it is not to risk when a VPN service is used, which, by default, often has quite strong permits when it comes to monitoring what it does. If you are not willing to obtain a premium service, it resorts to some of the best free VPN services to ensure that they have been thoroughly tested to protect your data.