Version 2.2.0
The extension has a substantial user base of 1 million users and maintains a high rating of 4.7 stars from 20,000 reviews, which suggests user satisfaction. However, the developer information is limited to just a domain name (vpnly.com), lacking transparency about the company behind the service. VPN extensions inherently require extensive permissions to function, but the combination of permissions here exceeds typical VPN requirements.
The most concerning aspect is the management permission, which allows this extension to control other extensions and is completely unnecessary for VPN functionality. The proxy, webRequest, and broad host permissions are expected for a VPN service, but together they create a powerful surveillance capability. The extension can intercept all web traffic, modify requests, and access all websites you visit. The tabs permission adds another layer of browser control that could be exploited for malicious purposes beyond VPN services.
Given the critical risk level, install this extension only in a separate Chrome profile dedicated to VPN use. Regularly audit what other extensions are installed when this VPN is active, as it can manage them. Consider using established VPN providers with dedicated desktop applications instead of browser extensions. If you must use this extension, avoid accessing sensitive accounts or conducting financial transactions while it's active. Monitor your browsing behavior for any unexpected changes or redirects.
```json
{
  "name": "__MSG_appName__",
  "icons": {
    "16": "icons/icon-16.png",
    "128": "icons/icon-128.png"
  },
  "action": {
    "default_icon": {
      "19": "icons/icon-19.png",
      "38": "icons/icon-38.png"
    },
    "default_popup": "popup.html",
    "default_title": "VPN"
  },
  "version": "2.2.0",
  "background": {
    "service_worker": "background.js"
  },
  "update_url": "https://clients2.google.com/service/update2/crx",
  "description": "__MSG_appDescription__",
  "permissions": [
    "proxy",
    "storage",
    "webRequest",
    "webRequestAuthProvider",
    "tabs",
    "management",
    "offscreen"
  ],
  "default_locale": "en",
  "host_permissions": [
    "<all_urls>",
    "http://*/",
    "https://*/"
  ],
  "manifest_version": 3,
  "externally_connectable": {
    "matches": [
      "*://localhost/*"
    ]
  },
  "web_accessible_resources": [
    {
      "matches": [
        "<all_urls>"
      ],
      "resources": [
        "icons/icon-48.png"
      ]
    }
  ]
}
```