If you use Google Chrome (Chromium, or a Chromium-based web browser like Vivaldi) and you have installed a free VPN extension from the Chrome Web Store, do me a favour: make sure it’s one you trust.

This warning is particularly pertinent for UK readers. VPN usage has surged here following the (controversial) introduction of online age verification to access adult content (and other non-adult content caught in the cross-hairs) when on British shores.

But not all VPN services, tools, apps, and add-ons are created equal. In fact, some are downright scummy.

One free VPN extension analysed by researchers at Koi Security looks legit, but they soon discovered it was “not working to keep you safe” but “continuously watching you” instead. As privacy-gleaning activities go, it’s as ick as ick gets – a free VPN with a voyeuristic sideline.

It’s clearly not something users would knowingly opt-in to, so… how’d it happen?

Making “AI Security” a Trojan Horse

The extension in question (which I’m not going to link to for obvious reasons) started out as a VPN. Maybe a good one, maybe an iffy one, but just a VPN. It sat on the Chrome Web Store for years, picking up users, positive reviews, and even a ‘Featured’ badge.

So far, so fine.

Then, in spring 2025, updates arrived. These broadened the extension’s permissions piecemeal, pitching the ‘need’ for each new request as improving security and enabling it to function:

  • April: <all_urls> permission to access every site loaded.
  • June: scripting permission.
  • July: screenshots, location and device info begin sending to new servers.
  • July: encryption added to make the data exfiltration harder to detect.

Content scripts injected into each website wait precisely 1.1 seconds after a page loads (making sure everything’s rendered), then send a captureViewport message to the background service worker, which grabs a screenshot using Chrome’s own privileged API.

Think about your own daily browsing: a Google Doc with company information, your bank details or payment info, dating sites, viewing your social media DMs. All of that being captured and sent off for… who knows what.

All of the ick was masked by the inclusion of a hype-train riding “AI Threat Detector” feature.

Using the infallible¹ power of LLMs, this feature offered to “protect” users from phishing and scam attempts by sending screenshots of websites to be analysed by “AI” for threats, and a risk assessment passed back.

Sounds innocuous and helpful — reassuring even, especially based on the blurb on the Chrome Web Store listing:

“As if our fast VPN service couldn’t get any better, we’ve now added advanced AI Threat Detection. With a single click, you can submit any website to our advanced AI which analyzes […] cues to determine if the site is trustworthy or a phishing/scam attempt.

Passive mode enables this function in the background while you browse – constantly monitoring the websites you are viewing and scanning them visually if you visit a suspicious page. Designed to give you extra peace of mind while you browse.”

Extra peace of mind… Yeah, right.

Here’s the trippy bit: if you parse the text above carefully, everything is stated (cosseted in language that sounds positive), and the extension’s own privacy policy (which few will read) mentions that AI Threat Detection uploads screenshots to their random server.

But for end-users who see “FreeVPN” and hit install, and those who already had it installed and clicked “Ok” on the new permission requests because they already trusted this add-on, it isn’t clear that AI Threat Detection is not a one-time, local scan, but ongoing surveillance.

Yeah, but who uses free VPNs anyway?

This add-on has over 100,000 installs, and it is still available on the Chrome Web Store at the time of writing, complete with its ‘Featured’ badge from Google. I suspect few Linux users would blindly ‘trust’ a no-brand freebie VPN, but less-savvy users…

If you fancy the deep dive, read the full Koi Security blog post. It shares the full rundown on how this was able to happen, and why Google was unable to detect the nefarious activities despite the Chrome Web Store’s robust automated checks.

They, naturally, reached out to the extension maker to provide them with a chance to explain.

The developer initially claimed screenshots only happened on “suspicious” domains (researchers found it was screen grabbing Google Sheets and Google Photos, hardly sus); background scanning was enabled “accidentally”; and screenshots weren’t stored.

Alas, when researchers asked for some reassuring information, the responses ceased.

The extension ID is jcbiifklmgnkppebelchllpdbnibihel if you want to check whether you’ve got the ick installed — hopefully not.
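If you’d rather not eyeball chrome://extensions, here’s a small audit script I’ve added (it is not from the Koi Security write-up or the extension itself). It walks a Chromium profile’s Extensions folder, flags the ID above, and also flags any extension combining the two permissions from the timeline: <all_urls> host access plus scripting. The profile path is an assumption for Google Chrome on Linux; adjust it for Chromium, Vivaldi or another OS.

```python
"""Audit installed Chromium-family extensions for the FreeVPN ID and for the
<all_urls> + scripting permission combination described in the article."""
import json
from pathlib import Path

# Extension ID quoted in the article. The profile layout is an assumption:
# Chromium unpacks store extensions to <profile>/Extensions/<id>/<version>/.
FLAGGED_IDS = {"jcbiifklmgnkppebelchllpdbnibihel"}
DEFAULT_PROFILE = Path.home() / ".config" / "google-chrome" / "Default"


def assess_manifest(ext_id: str, manifest: dict) -> dict:
    """Summarise one manifest.json: known-bad ID, broad host access, scripting."""
    hosts = set(manifest.get("host_permissions", [])) | set(manifest.get("permissions", []))
    for cs in manifest.get("content_scripts", []):       # injected-script match patterns
        hosts |= set(cs.get("matches", []))
    all_urls = "<all_urls>" in hosts or any(h.startswith("*://*/") for h in hosts)
    scripting = "scripting" in manifest.get("permissions", [])
    return {
        "id": ext_id,
        "name": manifest.get("name", "?"),
        "known_bad": ext_id in FLAGGED_IDS,
        "all_urls": all_urls,
        "scripting": scripting,
        # Either the article's ID, or the same every-site-plus-scripting footprint.
        "suspicious": ext_id in FLAGGED_IDS or (all_urls and scripting),
    }


def scan_extensions_dir(profile: Path = DEFAULT_PROFILE) -> list:
    """Assess every <profile>/Extensions/<id>/<version>/manifest.json found."""
    results = []
    for manifest_path in sorted((profile / "Extensions").glob("*/*/manifest.json")):
        ext_id = manifest_path.parent.parent.name
        with open(manifest_path, encoding="utf-8") as fh:
            results.append(assess_manifest(ext_id, json.load(fh)))
    return results


if __name__ == "__main__":
    for r in scan_extensions_dir():
        flag = "!!" if r["suspicious"] else "  "
        print(f"{flag} {r['id']} {r['name']} all_urls={r['all_urls']} scripting={r['scripting']}")
```

A "!!" line is a prompt to look, not proof of wrongdoing: plenty of legitimate extensions (password managers, ad blockers) also need broad host access, so read the listing and the privacy policy before uninstalling.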

Still, a reminder that the ol’ ‘if a product is free, you are the product’ adage rings ever true. Someone should start selling it carved into driftwood instead of “Live, Laugh, Love”.

  1. Sarcasm, obvs.