When we speak about free VPN, we mean a virtual private network that you can access for free. Through this, two or more connected devices can communicate with each other securely by creating another network to which only they have access. There are different types but, in this case, we are going to stick to dialup VPNs. That is, a Virtual Private Network constituted by software that is normally installed on a client computer, to create a VPN against a tunnel hub.
Historically, this form of connection was used to provide access to private resources from a public network that is not published on the Internet. However, since the proliferation of interest in privacy and theft of credentials and sensitive information, it is also used to “Spy” the communications of someone. For example, through the public Wi-Fi network of a hotel, cafeteria or airport. In fact it is a highly recommended practice to make use of VPN connections in networks that we cannot trust.
As usual, establishing a tunnel between our laptop connected to a hotel’s Wi-Fi network and a tunnel hub has a cost. The usual thing is to either have the resources of that tunnel concentrator or even hire a VPN connection in-service format. A few years ago, the business of free VPN connections began to proliferate, maintaining a maximum of the businesses that have special value on the Internet.
Free VPN business
There have been cases of all kinds. It seems obvious that if a company allows using a service that has a cost for free, there is an underlying form of financing that is not being disclosed to us and, normally, it is because we will not like it. For example, we have seen the use of free VPN services that do not protect our privacy and they have access to our private information. Such companies establish encrypted tunnel and sell our private information to third parties.
Another common model is to use a free VPN in exchange for injecting advertising into the user’s browser, for which, information is also collected.
There have been more serious cases such as using the remaining traffic available on the connection in use to automatically generate paid traffic to websites that will be counted as visits. Even that remaining bandwidth has been used in denial of service (DDoS) attacks. That is to say, we are being tricked into using a free VPN service that is actually selling our private data to third parties.
The attack on the HolaVPN extension that stole cryptocurrencies from its users
The most recent case that has served as a starting point for this article is that of a famous Google Chrome extension that, unlawfully came to give a new surprising twist: steal cryptocurrencies from users.
The most alarming thing is not that it is a new Chrome extension that has momentarily skipped the Google filter, but that it is Hello VPN, a famous and quite widespread extension that suffered a steal of credentials from the Google account associated with the extensions store. Thus, the attackers took the opportunity to publish an update of the extension that included malicious code, in order to take infected users to a fake portal. They then stole the credentials and, consequently, their cryptocurrencies.
Luckily, the infected update was detected quickly and was only published in the Chrome store for 5 hours until it was reverted to an uninfected version. Although the specific data on how many users it could affect is unknown.
In conclusion, it is always advisable to distrust free VPN services or incongruous prices, paying special attention to such delicate matters as managing the security of our communications, where the expert hand and quality are always insurance for our privacy and that of our company. The aim of VPNshazam is to protect your private data and offer you the VPN service at affordable rates.