Search This Blog
Powered by Blogger.

Blog Archive

Labels

Footer About

Footer About

Labels

Load More
Trendy Right Now

Popular Posts

Showing posts with label online privacy concerns. Show all posts
protect user privacy
Chrome Extensions customer data privacy data security Data Theft Free VPN free VPN risks online privacy concerns Privacy protect user privacy

FreeVPN.One Chrome Extension Caught Secretly Spying on Users With Unauthorized Screenshots

 

Security researchers are warning users against relying on free VPN services after uncovering alarming surveillance practices linked to a popular Chrome extension. The extension in question, FreeVPN.One, has been downloaded over 100,000 times from the Chrome Web Store and even carried a “featured” badge, which typically indicates compliance with recommended standards. Despite this appearance of legitimacy, the tool was found to be secretly spying on its users.  

FreeVPN.One was taking screenshots just over a second after a webpage loaded and sending them to a remote server. These screenshots also included the page URL, tab ID, and a unique identifier for each user, effectively allowing the developers to monitor browsing activity in detail. While the extension’s privacy policy referenced an AI threat detection feature that could upload specific data, Koi’s analysis revealed that the extension was capturing screenshots indiscriminately, regardless of user activity or security scanning. 

The situation became even more concerning when the researchers found that FreeVPN.One was also collecting geolocation and device information along with the screenshots. Recent updates to the extension introduced AES-256-GCM encryption with RSA key wrapping, making the transmission of this data significantly more difficult to detect. Koi’s findings suggest that this surveillance behavior began in April following an update that allowed the extension to access every website a user visited. By July 17, the silent screenshot feature and location tracking had become fully operational. 

When contacted, the developer initially denied the allegations, claiming the screenshots were part of a background feature intended to scan suspicious domains. However, Koi researchers reported that screenshots were taken even on trusted sites such as Google Sheets and Google Photos. Requests for additional proof of legitimacy, such as company credentials or developer profiles, went unanswered. The only trace left behind was a basic Wix website, raising further questions about the extension’s credibility. 

Despite the evidence, FreeVPN.One remains available on the Chrome Web Store with an average rating of 3.7 stars, though its reviews are now filled with complaints from users who learned of the findings. The fact that the extension continues to carry a “featured” label is troubling, as it may mislead more users into installing it.  

The case serves as a stark reminder that free VPN tools often come with hidden risks, particularly when offered through browser extensions. While some may be tempted by the promise of free online protection, the reality is that such tools can expose sensitive data and compromise user privacy. As the FreeVPN.One controversy shows, paying for a reputable VPN service remains the safer choice.
Read more »
Youtube
Ad Blockers Cyber Security Data Surveillance EU online privacy concerns spying allegations targeted ads Youtube

Allegations of Spying in the EU Hit YouTube as it Targets Ad Blockers

 

YouTube's widespread use of ads, many of which are unavoidable, has raised concerns among some users. While some accept ads as a necessary part of the free video streaming experience, privacy advocate Alexander Hanff has taken issue with YouTube and its parent company, Google, over their ad practices. Hanff has filed a civil complaint with the Irish Data Protection Commission, alleging that YouTube's use of JavaScript code to detect and disable ad blockers violates data protection regulations.

Additionally, Hanff has filed a similar complaint against Meta, the company behind Instagram and Facebook, claiming that Meta's collection of personal data without explicit consent is illegal. Meta is accused of using surveillance technology to track user behavior and tailoring ads based on this information, a practice that Hanff believes violates Irish law.

These complaints come amid a growing focus on data privacy and security in the EU, which has implemented stricter regulations for Big Tech companies. In response, Google has expanded its Ads Transparency Center to provide more details on how advertisers target consumers and how ads are displayed. 

The company has also established a separate Transparency Center to showcase its safety policy development and enforcement processes. Google has committed to continued collaboration with the European Commission to ensure compliance with regulations.

Hanff's complaints could be the first of many against Google, Meta, and other tech giants, as legislators and the public alike express increasing concerns over market competition and data privacy. 

If additional regulations are implemented, these companies will have to adapt their practices accordingly. The potential impact on their profits remains to be seen, but compliance could ultimately prove less costly than facing financial penalties.
Read more »
Subscribe to: Posts (Atom)