Dataconomy
  • News
    • Artificial Intelligence
    • Cybersecurity
    • DeFi & Blockchain
    • Finance
    • Gaming
    • Startups
    • Tech
  • Industry
  • Research
  • Resources
    • Articles
    • Guides
    • Case Studies
    • Glossary
    • Whitepapers
  • Newsletter
  • + More
    • Conversations
    • Events
    • About
      • About
      • Contact
      • Imprint
      • Legal & Privacy
      • Partner With Us
Subscribe
No Result
View All Result
  • AI
  • Tech
  • Cybersecurity
  • Finance
  • DeFi & Blockchain
  • Startups
  • Gaming
Dataconomy
  • News
    • Artificial Intelligence
    • Cybersecurity
    • DeFi & Blockchain
    • Finance
    • Gaming
    • Startups
    • Tech
  • Industry
  • Research
  • Resources
    • Articles
    • Guides
    • Case Studies
    • Glossary
    • Whitepapers
  • Newsletter
  • + More
    • Conversations
    • Events
    • About
      • About
      • Contact
      • Imprint
      • Legal & Privacy
      • Partner With Us
Subscribe
No Result
View All Result
Dataconomy
No Result
View All Result

FreeVPN.one Chrome extension stole user screenshots

Over 100,000 installs and a “Featured” badge hid spyware functionality, exposing gaps in Chrome Web Store vetting.

byAytun Çelebi
September 15, 2025
in Cybersecurity

A Chrome extension named FreeVPN.One, which had over 100,000 installations and a “Featured” badge in the Chrome Web Store, was discovered by Koi Security to be secretly taking screenshots of users’ web activity.

The extension has since been removed, but the incident reveals significant gaps in the vetting process for browser add-ons.

How the FreeVPN.one Chrome extension spied on users

Instead of only providing a VPN service, FreeVPN.One was designed to capture screenshots of every website a user visited. This included sensitive information like bank login details, personal photos, and confidential documents, which were then sent to a server controlled by the developer.

Stay Ahead of the Curve!

Don't miss out on the latest insights, trends, and analysis in the world of data, technology, and startups. Subscribe to our newsletter and get exclusive content delivered straight to your inbox.

The extension masked its surveillance by incrementally adding new permissions under the justification of an “AI Threat Detection” feature. This allowed it to gain extensive access to user browsing data through Chrome’s “ and scripting permissions without raising immediate alarm. What was presented as a security feature was actually a tool for constant monitoring.

Developer’s claims contradicted by evidence

Koi Security’s investigation confirmed that the extension captured screenshots even on trusted websites, such as Google Photos and Google Sheets. This finding directly refuted the developer’s claim that the feature was only active on “suspicious domains.”

When confronted with the evidence, the developer asserted that the screenshots were part of a “background scanning” feature and were not stored. However, he could not provide any proof of legitimacy, such as a company profile or GitHub repository, and eventually stopped responding to inquiries.

Warning signs of a malicious extension

Several red flags could have alerted users to the risks of FreeVPN.One:

  • Awkward grammar and poorly written descriptions in its store listing.
  • The developer’s contact information led only to a generic Wix starter page.
  • The promise of a completely free, unlimited VPN service with no clear business model to sustain it.

The fact that a malicious extension could operate for months with a “Featured” label raises questions about the effectiveness of the Chrome Web Store’s review process.

How to protect yourself if you installed the extension

If you installed FreeVPN.One or a similar suspicious extension, follow these steps to secure your information:

  • Uninstall the extension immediately: Navigate to Chrome’s extensions management page and remove it.
  • Switch to a trusted VPN: Choose a reputable provider that undergoes independent audits and has transparent privacy policies.
  • Run an antivirus scan: Use robust antivirus software to scan your system for any malware that may have been installed.
  • Change your passwords: Since anything you typed or viewed could have been compromised, change passwords for all important accounts, preferably using a password manager.
  • Consider a data removal service: These services can find your personal information on data broker sites and request its removal to limit how it can be used by scammers.

Always review the permissions an extension requests before installing it. A VPN extension asking for permission to access “all websites” is a massive red flag.


Featured image credit

Tags: CybersecurityFeaturedFree VPNGoogle Chrome

Related Posts

Fight for the Future launches campaign to protect VPN access

Fight for the Future launches campaign to protect VPN access

October 6, 2025
Yubico survey: 62% of Gen Z engaged with phishing scams

Yubico survey: 62% of Gen Z engaged with phishing scams

October 6, 2025
High-resolution computer mice can listen to conversations through desk vibrations

High-resolution computer mice can listen to conversations through desk vibrations

October 6, 2025
Could CTEM have prevented the Oracle Cloud breach?

Could CTEM have prevented the Oracle Cloud breach?

October 5, 2025
Free and effective anti-robocall tools are now available

Free and effective anti-robocall tools are now available

October 3, 2025
WestJet cyberattack: 1.2m passengers’ data stolen

WestJet cyberattack: 1.2m passengers’ data stolen

October 2, 2025

LATEST NEWS

Leaked real-world photos show Huawei Mate 80 series design

Snapchat Memories limits free storage to 5 GB

OpenAI Sora 2 requires opt-in for Nintendo, Pokémon content

OpenAI and Jony Ive developing new AI device, report details challenges

Microsoft warns of critical vulnerability as Windows 10 support deadline nears

OpenAI Agent Builder debuts with drag-and-drop workflows

Dataconomy

COPYRIGHT © DATACONOMY MEDIA GMBH, ALL RIGHTS RESERVED.

  • About
  • Imprint
  • Contact
  • Legal & Privacy

Follow Us

  • News
    • Artificial Intelligence
    • Cybersecurity
    • DeFi & Blockchain
    • Finance
    • Gaming
    • Startups
    • Tech
  • Industry
  • Research
  • Resources
    • Articles
    • Guides
    • Case Studies
    • Glossary
    • Whitepapers
  • Newsletter
  • + More
    • Conversations
    • Events
    • About
      • About
      • Contact
      • Imprint
      • Legal & Privacy
      • Partner With Us
No Result
View All Result
Subscribe

This website uses cookies. By continuing to use this website you are giving consent to cookies being used. Visit our Privacy Policy.