Popular free Android VPN apps on Play Store contain malware

If you want to ensure optimal privacy while surfing the web, a VPN (virtual private network) is the only reliable option. In this regard, a majority of web and smartphone users rely upon free VPN services, which according to the latest research is a risky step.

In 2017, researchers identified that 38% of Android VPN apps on Play Store were plagued with Malware. Now, in a recently conducted study, it was concluded that some of the most widely used free VPN applications for Android devices harbor malware, permission overreach and can lead to DNS leaks.

See: Don’t ever use a VPN without paying attention to these five things

For the study, researchers from Top10VPN, a UK-based Virtual Private Network comparison service examined around 150 free and famous Android VPN apps and identified that approx. 90% of them were capable of compromising the security and privacy of web users via various methods. A worrying fact is that these apps have already been downloaded more than 260 million times on Google Play Store.

Researchers claim that 99 out of the 150 VPN apps request for user location, device information, camera access, and microphone access; it is a risk factor considering that these apps are specifically designed to keep the user anonymous.

The head of the research Simon Migliano reported that DNS leaks were identified in more than 38 of these 150 apps. DNS leaks can easily expose private user data to countless insecure links and happen to be a grave security threat. Furthermore, more than 27 VPN apps contained malware when checked on VirusTotal.

See: Almost Every Major Free VPN Service is a Glorified Data Farm

Migliano said that the research team couldn’t upgrade those apps that offered premium versions and after additional testing, they became certain that a majority of the key privacy issues such as “leaks, intrusive permissions, and risky code functions” will be hard to eradicate fully.

“It’s possible that network performance may be better in some instances as paid subscribers gain access to the full range of servers,” adds Migliano.

Do remember that VPNs that aren’t free are more reliable than free ones. Because when developers put their apps for free, they usually look for monetizing through different and sometimes shady ways. The complete list of malicious VPN apps is available here and if you are using any of these apps consider removing them and moving on to paid ones. 

Something about Top10VPN

This is not the first time when Top10VPN has come up with astonishing research work. Previously, the company discovered how cybercriminals on Dark Web are selling stolen PayPal, Amazon, eBay, Wallmart, Tesco, Airbnb, Facebook, Twitter, Netflix and Deliveroo accounts. 

Moreover, Top10VPN researchers also identified Dark Web marketplaces offering hacking tools and ready-made phishing pages for Facebook, Apple, PayPal, and Netflix, etc. for just $2.

Related Posts