Free Chrome VPN extension turns malicious

[koolkat]

Researchers warn FreeVPN.One weaponized user trust for massive data collection

August 22, 2025

WTF?! Using free software and services, especially when no open source project is involved, usually requires a significant degree of trust from the end user. FreeVPN.One earned that trust over the years, only to eventually weaponize it against its own users.

A recent report by Koi Security unveiled the massive threat hidden within FreeVPN.One. The supposedly free and fast VPN extension was downloaded by more than 100,000 Chrome users, boasting its ability to mask internet traffic while protecting against web snooping. The developers even claimed it avoided the security risks typically associated with installing additional software on Windows or Mac computers.

According to Koi's research, FreeVPN.One was far more than just a simple security risk. While the developer stated that it would not collect or use any personal data, the extension was doing exactly the opposite. FreeVPN.One was, and still is, essentially a surveillance tool designed to track everything users were doing and every site they were visiting.

In recent months, the malicious extension began to silently capture screenshots of every web page visited. A background script would load a few seconds after each page appeared, requiring no user action or confirmation. Even worse, the screenshots were transmitted along with the page's URL, the tab ID, and a unique user identifier.

FreeVPN.One shows how a privacy branding can be flipped into a trap. You reach for protection, instead, the tool watches back.

https://www.techspot.com/news/109174-free-chrome-vpn-extension-turns-malicious-silently-recording.html