That free VPN Chrome and Firefox extension may be reading your clipboard every half a second, researchers warn
- Researchers found "VPN Go" extensions for Chrome and Firefox secretly harvesting copied text
- The clipboard theft was not there at launch and arrived through a later update
- Anything copied while the extension was active should now be treated as exposed
Security researchers at Socket found two browser extensions distributed under the "VPN Go: Free VPN" branding, one listed on the Chrome Web Store and one on Firefox Add-ons, to secretly harvest copied text.
Both present themselves as free VPN tools with working proxy features. Underneath, Socket says, both also run a clipboard stealer that continuously watches copied text and sends it to infrastructure controlled by the attacker.
According to Socket, the clipboard theft was not present when the extensions first appeared. It was added later, through an ordinary-looking update, after the extensions had already built up a base of trusting users. That staged approach is exactly what makes this...
Copyright of this story solely belongs to techradar.com. To see the full text click HERE