Many Android VPN Apps Contain Malware Or Exploitable Weaknesses

February 8, 2019

Written by wukovits

many android vpn apps contain malware or exploitable weaknessesIf you’re like many seasoned ‘Netizins, you probably rely on some type of VPN to help ensure your digital privacy. Unfortunately, based on research conducted by Simon Migliano, you could very well be wasting your time.

Mr. Migliano is the head of research at Metric Labs and is a respected name in the industry.

He and his team have conducted an extensive survey of the top 150 VPN Android apps on Google’s Play Store, and the results are depressing to say the least.  A full twenty percent of those apps have been flagged as potential sources of malware, and more than a quarter of them have deal-breaking privacy bugs including DNS leaks. Those leaks expose user DNS queries to their ISPs.

Perhaps most troubling of all, however, is the fact that taken together, these problematic apps have been downloaded more than 260 million times. That means there are legions of people who probably think they are secure, who simply aren’t.

Granted, some of the issues Migliano’s team found were relatively minor.  Many of the apps in question are guilty of asking for highly aggressive permissions, which give the app (and the company controlling it) more information than they need about you. This includes how, when and where you use your device.  Even so, of the top ten free VPN apps currently available on the Play Store, seven of them have DNS leaks, including popular titles like:

  • Super VPN
  • Hi VPN
  • Turbo VPN
  • VPN Master
  • Snap VPN

In fact, of the top ten, the only app tested that had neither VPN leaks nor risky functions was Hotspot Shield Basic.  It’s worth keeping the name of that app in mind if you are currently using something else, and it may be worth your time to make the switch.

Kudos to Migliano’s team for their diligent research!

Used with permission from Article Aggregator

Bayou Tech

We provide solutions for your business. Find out how we can help.

Related Articles

Key Considerations for Effective Cybersecurity Implementation

Consider this: In the realm of cybersecurity, things often get tangled in the web of "you should do it anyway" arguments. Yet, for busy business owners bombarded with daily "must-dos," deciphering the essentials from the fluff can feel like a cyber maze. We aim to...

Major Cyber Attack at OMV

Louisiana’s Office of Motor Vehicles (OMV) is one of a still undetermined number of government entities, major businesses, and organizations to be affected by an unprecedented Data Breach.There is no indication at this time that cyber attackers who breached MOVEit...

Send us a message

Your message was sent.