Please note, this Chrome extension makes screenshots without your knowledge

A malicious and too curious chrome extension has been unlocked on the web store. For example, Verified by Google, it makes screenshots in the background without its users. Similarly, It has more than 100,000 facilities.

Koi Security researchers discovered the presence of a malicious extension on the web store chrome. Meanwhile, Called Freevpn.one, the extension provides, as its name suggests, VPN services. However, Present on the Google store for years, it has accumulated Over 100,000 facilities And has the famous verified badge.

This blue badge attests that the developer has confirmed his identity with Google. Furthermore, the extension Respect security rules and confidentiality of the platform. In addition, In theory. Meanwhile, the extension is far from any suspicion, since Google has carried out a minimum of checks on its account.

Read also: Red alert on Chrome – 100 extensions please note, this chrome extension pretend to be known services. such as YouTube or Deepseek

A chrome extension transformed into a monitoring tool

In truth, the extension was taken hand in the bag spying on its users. The researchers noticed that the Chrome extension used to Captures screenshots Of everything that the user does on his browser. A few seconds “After loading a page. a script in the background automatically makes a screenshot”indicates the Koi Security report. The screenshot is then sent to a remote server. In the process. the extension collects “The URL of the page, the ID of the tab and a single user identifier”.

The extension policy evokes the sending of screenshots on secure servers when the “Scan with AI Threat Detection”. function is activated. This feature consists in analyzing the web page visited to detect possible threats with AI. Nevertheless. she ignores the fact that “The extension has already made please note, this chrome extension many other screenshots in the background, long before you press the button” of the option. Worse. the extension even records the content of secure applications, such as Google Sheets and Google Photos, for no valid reason.

In addition, researchers assure that the extension requires Many more authorizations To function only the other VPNs. By granting these authorizations. you give the right to the extension to monitor all the sites you visit and to discreetly collect sensitive data. According to the investigations carried out by the experts. the surveillance functions have been gradually added through updates, which made it possible to be fond of Google.

“The extension obtained the verified status as well as a star investment on the Chrome Web Store. However. even if Google claims to control each new version via automated analyzes, human exams and suspect behavior monitoring, these safeguards have failed. This case shows that. please note, this chrome extension despite these protections, dangerous extensions can pass between the meshes of the net, revealing serious safety flaws in the main browsers’ blinds ”regret Koi Security.

This is not the first time that Koi Security researchers have unlocked potentially malicious chrome extensions on the web store. A few months ago, experts already pinned eleven extensions with malicious features on the shop. All these extensions also had the famous badge verified by Google.

🔴 To not miss any 01net news, follow us on Google News and Whatsapp.

Source : Koi Security