Careful of VPNs that spy on your computer screen
- cypac1

Happy Friday! Over the past few years, there's been a surge in interest in VPN (virtual private network) services, largely because of the public perception that using a VPN makes you more anonymous and thus more protected from being hacked. There's some truth to this, but it's not always accurate. A VPN service simply routes all of your internet traffic through its servers, and while many providers claim not to log your activity, there's no way to be completely sure.
For example, in 2020 there was the infamous Hong Kong VPN scandal, where 7 different VPN providers were found recording user activity despite their 'No-Log' pledges. In another case in 2017, PureVPN, which advertised a "no logs" policy, provided logs to authorities in a criminal case, helping to identify users engaged in cyberstalking. These and numerous other incidents have proven that VPN providers do in fact often record user activities, contrary to marketing claims, eroding public trust in such services.
But a recent find by Koi Security shows that it's gotten even worse. FreeVPN, a popular Chrome extension, has been caught capturing screenshots about once per second and transmitting them to a remote server. When confronted, FreeVPN replied with a range of excuses, including that they were "scanning suspicious sites," even though the sites being "scanned" were google.com's home page.
The Takeaway
FreeVPN has been given verified status and has even been featured on the Chrome Web Store. While Chrome claims to perform security checks on new versions of extensions by using automated scans, human reviews and monitoring for malicious code or behavior changes, the reality is that their safeguards clearly failed.
By the way, the Chrome Web Store has a "not us!" clause in its terms of service where you "agree that Google is not responsible for any Product on the Web Store that originates from a source other than Google", which means that it's up to you to make sure that sneaky extensions don't end up on your or your users' computers.
Here are my top 3 ways to check if that Chrome extension might be up to no good:
Check the Source and Reputation. Only install extensions from trusted developers or companies you recognize. Look at reviews, ratings and particularly the update history in the Chrome Web Store. Sudden negative reviews or long periods without updates can be red flags. If the publisher is unknown or hard to verify, think twice before adding it.
Review Permissions. When you install an extension, Chrome shows what it's requesting access to. A legitimate tool should only ask for the minimum permissions needed to function. If an extension demands high-level access such as reading data on all websites or managing other apps, that's sus.
Limit Installed Extensions. The more extensions you install, the larger your attack surface becomes. Keep only the ones you actively use and remove any that are no longer needed. Regularly reviewing and pruning your extensions list is one of the simplest ways to reduce risk.
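To make the permission review repeatable, here is an added example (not part of the original post) that reads extension manifests and reports the broad grants described above. The function names and the sample manifest are hypothetical; the permission strings are Chrome's own, and the path to your profile's Extensions folder varies by operating system, so you pass it in.

```python
import json
from pathlib import Path

# Host patterns that grant access to every site the user visits.
BROAD_HOSTS = {"<all_urls>", "*://*/*", "http://*/*", "https://*/*"}
# API permissions worth a second look; the reason is shown in the report.
SENSITIVE_APIS = {
    "management": "can manage other extensions and apps",
    "tabs": "can read the URL and title of every tab",
    "webRequest": "can observe network requests",
    "cookies": "can read and change cookies",
    "scripting": "can inject scripts into pages",
    "tabCapture": "can capture tab contents",
    "desktopCapture": "can capture the screen",
}

def audit_manifest(manifest):
    """Return a list of findings for one parsed manifest.json."""
    findings = []
    # MV2 mixes host patterns into "permissions"; MV3 uses "host_permissions".
    declared = []
    for key in ("permissions", "optional_permissions",
                "host_permissions", "optional_host_permissions"):
        declared += [p for p in manifest.get(key, []) if isinstance(p, str)]
    for script in manifest.get("content_scripts", []):
        declared += script.get("matches", [])
    for perm in sorted(set(declared)):
        if perm in BROAD_HOSTS:
            findings.append(f"{perm}: reads data on all websites")
        elif perm in SENSITIVE_APIS:
            findings.append(f"{perm}: {SENSITIVE_APIS[perm]}")
    return findings

def scan_extensions(ext_dir):
    """Audit every <id>/<version>/manifest.json under an Extensions folder."""
    report = {}
    for path in sorted(Path(ext_dir).glob("*/*/manifest.json")):
        # utf-8-sig tolerates a byte-order mark at the start of the file.
        manifest = json.loads(path.read_text(encoding="utf-8-sig"))
        findings = audit_manifest(manifest)
        if findings:
            report[path.parts[-3]] = findings  # keyed by extension ID
    return report

# Constructed sample manifest (not taken from any real extension).
SAMPLE = {"manifest_version": 3, "name": "Example VPN", "host_permissions": ["<all_urls>"],
          "permissions": ["proxy", "storage", "tabs", "scripting"]}

if __name__ == "__main__":
    print("\n".join(audit_manifest(SAMPLE)))
```

A finding is a prompt to ask why the extension needs that access, not proof of wrongdoing; a proxy-based VPN extension has a reason to request `proxy`, but not to read every page you open.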
Small habits like checking sources, reviewing permissions and pruning unused extensions go a long way in protecting you from threat, crime and disaster.
Stay safe out there.
-Attila
The Positivity Box
A 22-year-old Oregon man was charged this week for allegedly developing and overseeing a distributed denial-of-service (DDoS)-for-hire botnet called RapperBot. The botnet has been used to carry out large-scale DDoS-for-hire attacks targeting victims in over 80 countries since at least 2021, costing private sector and government entities alike untold millions in damages. Thank you DOJ for going after these criminals operating within our borders!
New Friday Funnies!
Why did the web browser get fat?
It accepted all of those cookies.
What internet browser does Aladdin use?
Jafari.
What is Mario's favorite search engine?
YYYYAAAAHHHOOOOOOO!!!
Why do ducks have webbed feet?
To stamp out forest fires.
Why do elephants have flat feet?
To stamp out burning ducks.