Unreported Data Collection by Free Chrome VPN Extension
In a recent development, cybersecurity firm Koi Security has raised concerns about the free Chrome VPN extension FreeVPN.One. The findings match Koi Security's own discoveries about the extension's data collection practices, which are a cause for alarm.
According to Koi Security, the extension may take screenshots of visited pages, including page content and URL, and send them to company servers. This raises questions about user data privacy and security, as such practices are typically considered invasive and without clear user consent.
Interestingly, when Koi Security pressed the developer for proof of legitimacy, the developer stopped responding. This lack of transparency is another red flag, especially in the realm of VPN services.
Moreover, the latest version of the privacy policy no longer mentions CMO Ltd. as the operator of the app. This change, coupled with the lack of explicit information about the company behind FreeVPN.One, adds to the mystery surrounding the extension's operations. The only indication of the operator is an email domain that redirects to a basic website hosted on a free Wix site.
It's important to note that reliable VPNs usually charge a fee to support secure infrastructure. On the other hand, free VPNs like FreeVPN.One may track or sell user activity. Legitimate VPN providers disclose who they are, where they're based, and how they handle data. In contrast, FreeVPN.One is not explicitly named in the search results, but the extension is identified as rogue and continuously spying on users.
Browser extensions as main VPNs are easier to manipulate and less secure. Therefore, if you've installed FreeVPN.One or similar tools, consider removing them and changing your passwords.
In contrast, top VPN providers (e.g., ExpressVPN, NordVPN, Surfshark, Proton VPN) have undergone third-party audits verifying "no logs" claims. These providers also offer additional security features such as malware blocking, tracker prevention, and kill switches.
Koi Security claims that the extension has evolved from a basic VPN to a "privacy-invading extension." They advise looking for no-logs policies, open-source apps, and clear data-handling practices in a VPN. Trustworthy VPNs name the company and jurisdiction they operate under, providing transparency and reassurance to their users.
The extension's privacy concerns highlight the importance of being vigilant about the apps we use and the data they collect. It's crucial to ensure that our online activities are protected and our privacy respected.
