Popular Chrome VPN extension caught secretly spying on users — uninstall it right now
Extension was sneakily taking screenshots of users' displays without their knowledge
A VPN is a common and recommended privacy tool for going online, which is why many people download one either as an app for their computer or smartphone or as an extension for their browser of choice. However, not every VPN is trustworthy, or remains that way. Case in point: FreeVPN.One is a Chrome extension with 100,000 installs, a 3.8-star rating and even a verified badge. However, several recent updates have changed the status of the extension from safe to very suspicious.
As reported by Cybernews, researchers at Koi Security recently put out a report detailing their findings on the extension complete with a timeline that showed how it has shifted to spying on its users instead of protecting their privacy. This was done by taking screenshots of their displays and sending this data back to remote servers. When a webpage is loading, the extension will grab a screenshot in the background and then send it back to a server with additional details like the URL, tab ID number and a unique user identifier.
The report points out how screenshots can include sensitive and personal information like passwords, personal messages and banking details; sending these images to a third-party server is the exact opposite of what a privacy tool like a VPN is supposed to do for its users.
Additionally, the extension now collects other sensitive information, such as IP geolocation and device information, and transmits it either encoded in Base64 or encrypted with AES-256-GCM and an RSA key, which hides the data in transit.
One of the extension's features is “Scan with AI Threat Detection,” which is intended to upload screenshots and URLs when the user clicks a ‘check URL’ button. However, nothing tells the user that the extension has been repeatedly grabbing screenshots in the background even when this feature is not being used.
These suspicious features were added recently and went live on July 17 of this year, which was right before strict age verification rules went into effect in the U.K.; many people in that area would be searching for VPNs after the rules went into place as a workaround.
VPN extensions need some permissions to operate on a user’s system, usually the proxy and storage permissions. However, FreeVPN.One required suspiciously broad access beyond that, including the all URLs, tabs and scripting permissions. The researchers at Koi Security pointed out that this, in addition to the other issues the extension exhibited, opened the door to persistent surveillance of its users.
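The permission comparison above can be turned into a check on installed extensions. The following is an added example, not code from Koi Security's report or from the extension: it reads `manifest.json` files, lists permissions beyond the proxy and storage baseline, and flags the all-URLs plus tabs plus scripting combination. The function names and sample manifests are constructed, and the `<id>/<version>/manifest.json` folder layout is an assumption about the Chrome profile being audited.

```python
import json
from pathlib import Path

# Baseline the article gives for a VPN extension: proxy and storage.
VPN_BASELINE = {"proxy", "storage"}
# Host patterns that amount to "all URLs" in a Chrome manifest.
BROAD_HOSTS = {"<all_urls>", "*://*/*", "http://*/*", "https://*/*"}
# API permissions the article says were requested on top of the baseline.
WATCHED = {"tabs", "scripting"}


def audit_manifest(manifest: dict) -> dict:
    """Return permissions beyond the VPN baseline and whether the
    all-URLs + tabs + scripting combination from the article is present."""
    declared = set()
    for key in ("permissions", "optional_permissions"):
        declared.update(p for p in manifest.get(key, []) if isinstance(p, str))
    hosts = set(manifest.get("host_permissions", []))  # Manifest V3
    for script in manifest.get("content_scripts", []):
        hosts.update(script.get("matches", []))
    # Manifest V2 mixes host patterns into "permissions".
    hosts.update(p for p in declared if "://" in p or p == "<all_urls>")
    api = declared - hosts
    broad = sorted(hosts & BROAD_HOSTS)
    return {
        "name": manifest.get("name", "?"),
        "extra_api": sorted(api - VPN_BASELINE),
        "broad_hosts": broad,
        "flagged": bool(broad) and WATCHED <= api,
    }


def audit_profile(extensions_dir: str) -> list:
    """Audit every manifest.json under an Extensions folder
    (assumed layout <id>/<version>/manifest.json); unreadable files are skipped."""
    results = []
    for path in sorted(Path(extensions_dir).glob("*/*/manifest.json")):
        try:
            results.append(audit_manifest(json.loads(path.read_text("utf-8-sig"))))
        except (OSError, ValueError):
            continue
    return results


# Constructed sample manifests (not taken from any real extension).
MINIMAL_VPN = {"name": "sample-minimal", "manifest_version": 3,
               "permissions": ["proxy", "storage"]}
BROAD_VPN = {"name": "sample-broad", "manifest_version": 3,
             "permissions": ["proxy", "storage", "tabs", "scripting"],
             "host_permissions": ["<all_urls>"]}
```

A flagged result is a prompt for review rather than proof of misuse, since some legitimate extensions also request this combination.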
A developer is not named in either the privacy policy or the Terms of Service on the FreeVPN.One website, and their explanations to the security researchers about their findings do not match. According to the researchers: “The [developer] explained that the automatic screenshot capture is part of a Background Scanning feature, which should only trigger if a domain appears suspicious. In practice, we saw screenshots being captured on trusted services like Google Sheets and Google Photos, domains that cannot be considered suspicious” and the developer ceased communications when asked to provide proof of legitimacy.
If you've installed this VPN extension, you should uninstall it and run a scan using one of the best antivirus software solutions. Likewise, you're going to want to check your browser extensions to ensure that it's removed and then check your screenshots folder as well.

Amber Bouman is the senior security editor at Tom's Guide where she writes about antivirus software, home security, identity theft and more. She has long had an interest in personal security, both online and off, and also has an appreciation for martial arts and edged weapons. With over two decades of experience working in tech journalism, Amber has written for a number of publications including PC World, Maximum PC, Tech Hive, and Engadget covering everything from smartphones to smart breast pumps.
