Cybersecurity firm Koi Security revealed that FreeVPN.One, a Chrome VPN extension with over 100,000 users, has been secretly capturing and transmitting screenshots of users’ browsing activity to remote servers[1][2].
The spyware functionality was introduced in July 2025 after earlier updates expanded the extension’s permissions. According to researcher Lotan Sery from Koi Security, “FreeVPN.One shows how a privacy branding can be flipped into a trap”[3].
When confronted, the developer claimed screenshots were only taken of suspicious sites and were encrypted, but researchers found evidence of capture on trusted sites like Google Photos[4]. The extension’s “AI Threat Detection” feature discloses taking screenshots, but Koi Security found most surveillance occurred silently in the background[5].
The case highlights growing risks with free VPN services, particularly as demand increases due to new online safety regulations in the UK requiring age verification[3:1].
GIGAZINE - Chrome VPN Extension Accused of Secretly Capturing User Screenshots ↩︎
It’s FOSS - Google Verified FreeVPN Caught Red-handed Spying on its Users ↩︎
VARINDIA - Chrome VPN Extension Accused of Secretly Capturing User Screenshots ↩︎ ↩︎
It’s FOSS - Google Verified FreeVPN Caught Red-handed Spying on its Users ↩︎
Instagram - Dhaka Chronicles post about FreeVPN.One spying ↩︎
Cyberghost is owned by kape, I don’t know about vpnly.
Yes, like also some others, but…
https://www.security.org/ said
About VPNLY, it’s a Swiss company, Privacy Policy
Free VPN Unlimited AG Rigistrasse 3, CH-6300 Zug, Switzerland
Anyway, as said before, the extension from both are not really VPN services, but proxies, both with no logs/tracking policy and no data limits, no account needed, which make them good for country restrictions and streaming, for what you can use these safely.
VPNs for desktop