A widely used browser extension, previously considered safe, has been discovered to secretly collect user data, including screenshots of visited websites. The extension, known as freevpn.one, began capturing screenshots automatically upon visiting a webpage, with a background script activating shortly after the page loaded. No user consent or notification was required.
Freevpn.one demonstrates a concerning pattern: a service marketed for privacy can become a vehicle for surveillance. Users seeking protection are instead subjected to monitoring. What is presented as security can quietly function as a data collection channel, tracking online activity and location.
The extension also requests extensive access to Chrome browser data and settings, encompassing open tabs, URLs, and other user activities.
For years, a related extension, freevpn.be, operated as advertised, providing the services its developers promised. Though, over time, after establishing a user base and gaining trust, it underwent a transformation into a surveillance tool. The change in behavior with freevpn.one suggests a deliberate shift in functionality.
The collected screenshots were transmitted alongside the webpage address, card identifiers, and a unique user identification number, raising notable privacy concerns.
The finding highlights the risks associated with browser extensions and the importance of scrutinizing permissions requested by such tools. Users are advised to review the access granted to extensions and consider alternatives that prioritize privacy.
