Cybersecurity firm Koi Security revealed that FreeVPN.One, a Chrome VPN extension with over 100,000 users, has been secretly capturing and transmitting screenshots of users’ browsing activity to remote servers[1][2].
The spyware functionality was introduced in July 2025 after earlier updates expanded the extension’s permissions. According to researcher Lotan Sery from Koi Security, “FreeVPN.One shows how a privacy branding can be flipped into a trap”[3].
When confronted, the developer claimed screenshots were only taken of suspicious sites and were encrypted, but researchers found evidence of capture on trusted sites like Google Photos[4]. The extension’s “AI Threat Detection” feature discloses taking screenshots, but Koi Security found most surveillance occurred silently in the background[5].
The case highlights growing risks with free VPN services, particularly as demand increases due to new online safety regulations in the UK requiring age verification[3:1].
GIGAZINE - Chrome VPN Extension Accused of Secretly Capturing User Screenshots ↩︎
It’s FOSS - Google Verified FreeVPN Caught Red-handed Spying on its Users ↩︎
VARINDIA - Chrome VPN Extension Accused of Secretly Capturing User Screenshots ↩︎ ↩︎
It’s FOSS - Google Verified FreeVPN Caught Red-handed Spying on its Users ↩︎
Instagram - Dhaka Chronicles post about FreeVPN.One spying ↩︎
There is no trustworthy free vpn. If you wanna make use of someone’s computer bandwidth and cpu time you need to pay them.
There’s no trustworthy VPNs period because the client-server architecture makes it impossible, it’s just the reality of how VPNs work. You cannot prove what they’re running on the server so claims like they don’t record your traffic or metadata are by definition unverifiable. Even if they’re audited, what’s deployed on the server can be changed in an instant. This is true for all the internet, there’s always a chance that any infrastructure that handles your packets is logging them and you will never know for sure.
You’re not making an argument against VPNs, but against the concept of trust. It’s good argument and I don’t think you’re going far enough, consider the old ass reflections on trusting trust and take a look at your browser of choice’s root ca store too!
There’s a lot farther you could go in making that argument and many conclusion that could be drawn from it.
On the other hand, zero-trust frameworks and packages exist, we can use the past as a predictor of future outcomes and based on actual outcomes we can place more or less trust in various software packages, services and companies.
There is, eg Proton VPN is trustworth, also Windscribe or Calyx, but all free VPN are very limited (few free servers, speed, data limit…), because of this not very usefull for the daily tasks, apart of some protection on certain sites. But generally there isn’t any really valid VPN as browsere extension, because it can’t create an tunel BEFORE the browser connect to the ISP, that is only possible with an desktop VPN.
You’re right about the vpn-as-browser extension (kinda, a lot of those packages act as proxies and override the hosts dns settings, so they do accomplish a lot), but as someone who has used proton and windscribe free and paid you can’t really rely on or trust them. Between drops, rotating endpoints and —I’ll admit that I’m guessing at this last one but my experience and many people I’ve talked to seem to corroborate it— generally being lowest quality of service and first to go when there’s a problem it’s clear that even the “top tier” of free VPNs aren’t to be relied on.
VPN access is literally cheaper than it’s ever been, there’s more transparency and clear information available than ever before and the most basic bar to pass for privacy is being able to figure out a way to conduct business privately (it’s cash).
That’s not to say there shouldn’t be free VPNs, that there isn’t a purpose or use for them, but that people shouldn’t trust or rely on them in any way.
Agree, free VPN, more free VPN extensions must be taken always with a grain of salt. Extensions are always mere proxies, maybe only usefull to skip country restrictions (reliables are VPNLY and CyberGhost extensions and very few more). By far the worst is HOLA VPN, which, instead of public servers simply exchange the IPs of its users, robbing bandwith without security. Dangerous crap.
Cyberghost is owned by kape, I don’t know about vpnly.
Yes, like also some others, but…
https://www.security.org/ said
About VPNLY, it’s a Swiss company, Privacy Policy
Free VPN Unlimited AG Rigistrasse 3, CH-6300 Zug, Switzerland
Anyway, as said before, the extension from both are not really VPN services, but proxies, both with no logs/tracking policy and no data limits, no account needed, which make them good for country restrictions and streaming, for what you can use these safely.
VPNs for desktop
The literal first words across the top of that website are “we take money from the stuff we review”.
This discussion is on whether the free VPN’s are (probably) not secretly taking your data. Proton, Windscribe, and Calyx are slow and unreliable but since they have a paid model too and the service they’re providing you is comparatively very cheap for them to offer, there’s no reason to believe they’re keeping your data.
Even if they’re not processing free users data differently from paid users the point still stands that if you need a vpn you can’t get by with a free one.
Considering what’s going on with Calyx these days I’m not sure I’d trust them either.