Researchers Warn of the Security of Several Popular VPN Apps for Android
Research by researchers from Data61 / CSIRO , the University of California at Berkeley , UNSW Sydney, and UCSI found that several popular VPNs on Android open many security holes, including injecting JavaScript for ads and tracking services, redirecting traffic to commercial sites. etc. .
VPNs are useful for encrypting your web traffic or bypassing regional restrictions. Most of these VPNs require a subscription, but many offer free options as well. Researchers tested 283 different applications and found that many of them inject adware, Trojans, malicious ads, or spyware. What they found was not the best:
- 18% do not encrypt traffic
- 84% of user data leaks
- 38% disclose malware or malicious ads
- 80% request access to sensitive data such as user accounts or text messages
Unfortunately, the article does not provide a complete rating of all 283 tested applications, as well as a rating of the best or safest services. At least it goes through the worst, which is shown in the table above using the VirusTotal ranking system. This includes the one we mentioned earlier, Betternet .
The biggest problem here is that in most cases, researchers found that, other than Hola , VPN providers generally did not allow their own ads or traffic to be injected. When researchers contacted the developers, many did not respond, while others simply confirmed that their free version had code embedded in it to display their own ads. Fortunately, some of the more serious offenders, including the top three, have been removed from Google Play.
It’s no secret that VPNs are unreliable and finding a good one takes real effort , but it’s a good reminder that you should always do some research before using any security software. However, we have found that Private Internet Access , SlickVPN , NordVPN, Hideman, and Tunnelbear have been reliable and transparent over the years. There is also no reason to assume this is limited to Android. VPN apps for iOS and desktop probably have similar issues.
Privacy and Security Risk Analysis of Apps with VPN Permissions for Android (PDF) | via TorrentFreak