Fake VPNs Fool Google Store

Fake Proton VPN extensions have surfaced in Google's Chrome Web Store, with some remaining live for weeks despite being reported by Proton. These malicious applications successfully passed Google's review processes, posing a significant security risk to users who believed they were installing legitimate software. The goal of these fake extensions was to steal user login credentials and sensitive data.

Proton has expressed frustration with what it terms "slow and ineffective" moderation by Google, emphasizing that prolonged exposure of malicious software is unacceptable. Two of the identified fake extensions specifically targeted the Russian market, where demand for secure VPNs is high. The incident highlights the vulnerability of even official marketplaces and the sophistication of brand impersonation tactics used by attackers.

Users are advised to protect themselves by downloading extensions directly from the VPN provider's official website, rather than searching within browser stores. When checking listings, it's crucial to verify the publisher and review the permissions requested by any extension. Proton advocates for improved moderation to prevent future occurrences, stressing that user vigilance is currently the best defense against such threats.