New Now you can listen to Fox News articles!
Browser extensions promise convenience, but some charge far more than they deliver. A new report from KOI Security says that freevpn.one, a Chrome extension with over 100,000 installs and even a “recommended” badge, has been secretly taking screenshots of users’ browsing sessions.
Sign up for my free cyberguy newsletter
Get my best tech tips, urgent security alerts, and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide – free when you join my Cyberguy.com/newsletter
How AI is now helping hackers fool your browser’s security tools
Google Chrome Extension FreeVPn.one may have been taking screenshots of users’ sensitive information. (Kurt “Cyberguy” Knutsson)
How freevpn.one secretly captured your browsing
Once installed, frevpn.one didn’t just handle VPN traffic. It silently captured screenshots of every website you visited, bank logins, private photos, and sensitive documents, and sent them to servers controlled by the developer.
Even worse, the extension added permissions incrementally, disguising its functionality as “AI threat detection.” What looked like a useful feature became a constant background surveillance tool.
Why these chrome extension threats are so dangerous
People install VPNs to protect their privacy. Instead, this extension turned those expectations on their head. By exploiting Chrome and script permissions, FreeVPN.Vone gained access to every page you opened.
Koi security researchers tested the extension and confirmed that it captures screenshots even on trusted sites like Google Photos and Google Sheets. The developer claimed that these images were not stored, but offered no evidence.
Malicious browser extensions caught spying on 2 million users
The screenshots were probably sent to the extension developer. (Kurt “Cyberguy” Knutsson)
Warning signs of unsafe free VPN extensions
There were red flags all along:
- Clumsy grammar and poorly written descriptions.
- A generic Wix page as the only developer “contact”.
- The promise of unlimited, free VPN service without a clear business model.
While some free VPNs can operate responsibly, most need a way to make a profit. If they don’t charge, it’s likely by selling your data.
FreeVPN.ONE developer response and Google removal
When Koi Security published its findings, the developer behind freevpn.one offered a partial explanation. He claimed that the automatic screenshot capture was part of a “background scanning” feature that was only intended for suspicious domains. He also said that the images were not stored, only briefly analyzed for threats.
But the researchers observed screenshots taken on trusted sites like Google Photos and Google Sheets that didn’t fit that explanation. The developer stopped responding when asked to provide proof of legitimacy, such as a company profile, GitHub repository, or professional contact. The only public link associated with the extension led to the basic Wix starter page.
FreeVPn.one ir noņemts no Chrome interneta veikala. Mēģinājumi apmeklēt tās lapu tagad atgrieziet ziņojumu: “Šī prece nav pieejama.”
Kamēr noņemšana samazina jaunu lejupielāžu risku, tas arī izceļ satraucošo plaisu. Pagarinājums, kas pavadīts mēnešus ar spiegprogrammatūras izturēšanos, joprojām pārvadājot verificētu etiķeti, radot jautājumus par to, cik pamatīgi hroma pārskata atjauninājumi par piedāvātajiem paplašinājumiem.
Google labo vēl vienu hroma drošības trūkumu, kas tiek aktīvi izmantots
Freevpn.one nav pieejams Microsoft Edge veikalā (Koi drošība)
Soļi, lai pasargātu sevi no VPN paplašinājuma spiegprogrammatūras
Ja esat instalējis FreeVPn.One vai kādu aizdomīgu Chrome VPN paplašinājumu, veiciet šīs darbības, ja jūs uztraucat par savu kiberdrošību:
1) nekavējoties atinstalējiet
Iet uz Hroms Līdz Logs Līdz Pagarinājumi un noklikšķiniet noņemt.
2) Izmantojiet uzticamu VPN
Pieturieties pie uzticamiem VPN pakalpojumu sniedzējiem, kuriem ir pierādījuši sasniegumi, revidējuši politikas un caurspīdīgas darbības. Izvēloties likumīgu VPN, jūs pārņemat kontroli pār savu privātumu, tā vietā, lai to nodotu anonīmam izstrādātājam. Uzticams VPN ir arī būtisks, lai aizsargātu jūsu tiešsaistes privātumu un nodrošinātu drošu, ātrdarbīgu savienojumu.
Par labāko VPN programmatūru skatiet mana eksperta pārskatā par labākajiem VPN, lai pārlūkotu tīmekli privāti Windows, Mac, Android & iOS ierīces pie Cyberguy.com/vpn
3) Skenējiet ierīci ar spēcīgu pretvīrusu programmatūru
Palaidiet uzticamu pretvīrusu rīku, lai pārbaudītu, vai nav slēpta ļaunprātīga programmatūra. Labākais veids, kā pasargāt sevi no ļaunprātīgām saitēm, kas instalē ļaunprātīgu programmatūru, potenciāli piekļūstot jūsu privātajai informācijai, ir spēcīga pretvīrusu programmatūra, kas instalēta visās jūsu ierīcēs. Šī aizsardzība var arī brīdināt jūs par pikšķerēšanas e -pastiem un ransomware izkrāpšanu, saglabājot jūsu personisko informāciju un digitālos aktīvus.
Iegūstiet manas izvēles par labākajiem 2025 pretvīrusu aizsardzības uzvarētājiem jūsu Windows, Mac, Android & iOS ierīcēm vietnē Cyberguy.com/lockupyourtech
4) Mainiet paroles
Pieņemsim, ka kaut ko drukātu vai apskatītu varēja reģistrēt. Apsveriet iespēju izmantot paroļu pārvaldnieku, kas droši glabā un ģenerē sarežģītas paroles, samazinot paroļu atkārtotas izmantošanas risku.
Tālāk pārbaudiet, vai jūsu paroles ir pakļautas iepriekšējiem pārkāpumiem. Mūsu #1 paroļu pārvaldnieks (skat. Cyberguy.com/passwords) Izvēle ietver iebūvētu pārkāpumu skeneri, kas pārbauda, vai jūsu paroles ir parādījušās zināmās noplūdēs. Ja atklājat sakritību, nekavējoties nomainiet atkārtoti izmantotās paroles un nodrošiniet šos kontus ar jauniem, unikāliem akreditācijas datiem.
Check out the best expert-reviewed password managers of 2025 at Cyberguy.com/passwords
5) Use a personal data removal service
Extensions like freevpn.one show how easy it is to collect and use your private information. Even after you uninstall the spyware, your personal information may already be circulating on data broker sites that sell your identity to marketers, scammers, and even cybercriminals. A personal data removal service can scan your information across hundreds of broker sites and automatically request its removal. This limits how much of your data can be weaponized if it is ever exposed through such an extension.
Check out my pick of the best data removal services and get a free scan to see if your personal information is already available on the web by visiting Cyberguy.com/delete
Get a free scan to see if your personal information is already available on the web: Cyberguy.com/freescan
6) Check permissions
Before adding any extension, review what it requests. If the VPN wants access to “All Sites, ” that’s a red flag.
Click here to get the Fox News app
Kurt’s main techniques
FreeVPn.one is a reminder that “free” often comes at a hidden cost; your data. Don’t assume an extension is safe just because it looks popular or has a badge. Be critical, vet carefully, and use privacy tools backed by real companies.
Would you trade your browsing privacy for a free tool, or is it time to rethink the cost of “free”? Let us know by writing to us at Cyberguy.com/contact
Sign up for my free cyberguy newsletter
Get my best tech tips, urgent security alerts, and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide – free when you join my Cyberguy.com/newsletter
Copyright 2025 Cyberguy.com. All rights reserved.
