You might think you are being careful online. You use a Virtual Private Network, or VPN, to keep your browsing private. Many people look for free options to do this. A tool called FreeVPN.One for the Google Chrome browser promised to do just that. It was popular, with over 100,000 people installing it. It even had a “Verified” badge from Google. But this free tool came at a terrible price. It was secretly taking pictures of everything its users did online.
This story is a serious reminder for everyone who uses the internet. It shows how a tool that promises to protect you can do the exact opposite. It betrayed the trust of thousands of people. Let’s look at how this happened, what it means for you, and what you can do to stay safe.
Table of Contents
- The Promise: A Free and Fast VPN
- The Betrayal: What the Extension Really Did
- A Step-by-Step Plan of Deception
- A Failure of Trust: The Problem with App Stores
- How to Protect Yourself: An Advisor’s Guide
- Be Careful with “Free”
- Check Permissions Before You Install
- Limit the Number of Extensions You Use
- Review Your Current Extensions
- Look for Real Company Information
- Read Reviews Critically
The Promise: A Free and Fast VPN
FreeVPN.One made big promises on its website and in the Google Chrome Store. It said it would stop anyone from spying on your internet use. It also claimed to be the fastest VPN available. For someone wanting privacy without paying, this sounded perfect. The company’s privacy statements looked professional. They said all the right things about protecting your data.
But there were warning signs. The website had no “About Us” or contact page with a real company address. This is a red flag. A trustworthy company is open about who they are and where they are located. Without this information, their promises about privacy are just empty words. It is believed the company was based in Hong Kong, but no one knows for sure. When a company hides its identity, it cannot be held accountable. This is one reason you must be very careful with services that have no clear ownership. Despite these warning signs, users downloaded the extension and even left five-star reviews, saying how great it was. They had no idea what was happening in the background.
The Betrayal: What the Extension Really Did
Security researchers at a company called Koi Security discovered the truth. They published an article in August 2025 called “SpyVPN: The Google-Featured VPN That Secretly Captures Your Screen.” Their findings were alarming.
FreeVPN.One was not protecting user privacy. It was destroying it.
The extension was designed to take a screenshot, or a picture of the computer screen, every few seconds. It captured every single website a person visited. Think about what you do on your computer every day.
- Logging into your bank account.
- Reading and writing private emails.
- Working on confidential company documents.
- Shopping online with your credit card.
- Chatting with friends and family.
The extension recorded all of it. After taking a screenshot, it sent the image to a server controlled by the extension’s creators. Along with the picture, it sent the website address, a special ID for the browser tab, and a unique ID for the user. This created a complete record of a user’s online life, all collected without their knowledge or permission.
The developers tried to disguise this activity. The data was sent to a website that claimed to be an “AI Threat Detector.” It said it was scanning for bad websites to protect users from things like phishing. This was a clever lie. It made the spying seem like a security feature. In reality, the extension was spying on users, not protecting them.
A Step-by-Step Plan of Deception
This wasn’t an accident or a bug. It was a carefully planned, slow-motion attack. The developers built trust over time and then used that trust to spy on their users. Here is how they did it:
- The Beginning: A Normal VPN. For years, FreeVPN.One was just a simple VPN extension. It did what it promised and gave users no reason to be suspicious. It built a good reputation and a large user base.
- The First Move: Asking for More Power. In April 2025, an update (version 3.0.3) changed the extension’s permissions. It asked for permission to access <all_urls>, which means it could see and change data on every website you visit. This is far more access than a normal VPN needs. This change opened the door for the spying to begin.
- The Cover Story: A Fake Security Upgrade. In June 2025, another update (version 3.1.1) was released. The extension was rebranded to include “AI Threat Detection.” This was the excuse for the new, broad permissions. It made users believe the extension was becoming more secure. In reality, the developers were testing to see how much they could get away with.
- The Attack Begins: Full-Scale Spying. On July 17, 2025, with version 3.1.3, the trap was sprung. The extension started secretly taking screenshots of every webpage. It also collected the user’s location and device information. All this private data was sent to the developer’s server.
- Covering Their Tracks: Hiding the Evidence. The developers knew their spying could be detected. On July 25, 2025, they released version 3.1.4. This update added strong encryption to the data being sent out. This made it much harder for security researchers to see what the extension was doing. The spying continued, but now it was hidden behind complex codes.
What started as a trusted tool for privacy had turned into a powerful surveillance machine. Worst of all, during this time, Google gave the extension a “Verified” badge and even featured it on the Chrome Web Store.
A Failure of Trust: The Problem with App Stores
This case highlights a serious problem. We trust companies like Google to keep their app stores safe. The Google Chrome Store team says they check extensions for problems. They use automatic scans and manual reviews to look for malicious code or strange behavior.
However, the FreeVPN.One case proves these security measures can fail.
A dangerous extension was not only missed but promoted. It passed Google’s checks, got a “Verified” status, and was recommended to users. This shows that there are serious gaps in the review process. You cannot assume an extension is safe just because it is in an official store, even if it has a verification badge and good reviews.
How to Protect Yourself: An Advisor’s Guide
This story can be frightening, but you are not powerless. You can take steps to protect yourself from similar threats. Your online safety is in your hands. Think of it as locking the doors to your house. It is a simple habit that keeps you safe.
Here is what you can do:
Be Careful with “Free”
When a service is offered for free, you should always ask yourself how the company makes money. Often, the answer is that they are collecting and selling your data. If you are not the paying customer, you might be the product.
Check Permissions Before You Install
Before you click “Add to Chrome,” the store shows you what an extension wants to do. Read this carefully. Does a simple tool need to “read and change all your data on the websites you visit”? If the permissions seem excessive for what the tool does, do not install it.
Limit the Number of Extensions You Use
Every extension you install is another potential door into your browser. Be a minimalist. Only install extensions that you truly need from companies that you know and trust, like from your browser’s developer or a large, well-known technology company.
Review Your Current Extensions
Take five minutes right now to check the extensions you already have installed. Go to your browser’s extensions menu. Do you recognize all of them? Are you still using them? If you do not need an extension anymore, remove it.
Look for Real Company Information
Before installing a tool from a company you don’t know, do a quick search. Does the company have a professional website with an address and contact information? Legitimate businesses are transparent about who they are.
Read Reviews Critically
Don’t just look at the 5-star ratings. Fake reviews are common. Look for detailed, balanced reviews that discuss both good and bad points. Be aware that many positive reviews for FreeVPN.One were from people who had no idea they were being watched.
The story of FreeVPN.One is more than a warning about one bad extension. It is a lesson about the digital world. Trust is easily given but can be dangerously misplaced. By being a little more skeptical and a lot more careful, you can better protect your money, your data, and your life online. Stay informed and stay safe.