in

Malicious VPN Applications That Steal User Data

VPN programs are popular, especially among users who want to access restricted sites or enhance their online security. However, not all VPNs are safe. Let’s delve into how VPNs work and examine some recent applications that contain viruses or engage in other malicious activities.

How Does a VPN Work?

When you try to access a website without a VPN, you connect directly through your internet service provider (ISP). With a VPN, however, your data is first encrypted on your device, then sent to the VPN provider’s server. The server decrypts the data and grants access to the site. Here’s what a VPN does for you:

  • Encrypts Your Data: Your ISP cannot see which websites you visit because the data is encrypted.
  • Provides Security in Public Spaces: It protects against data theft when using public networks like those in workplaces, schools, or cafes.
  • Hides Your Identity: Instead of your ISP’s IP address, the VPN’s IP address is recorded on the websites you visit, keeping your identity anonymous.

Dangers of Using a VPN

  • VPN Providers Can Log Your Data: Instead of your ISP, the VPN provider may log your online activities.
  • Free VPNs Might Install Malware: The saying “there’s no such thing as a free lunch” applies here. Free VPNs may install malware on your device.

To mitigate these risks, choose a VPN that doesn’t log data and verify its claims through credible sources. For the second issue, only download VPNs from reputable sources after thorough research.

VPN Applications Known for Stealing Data and Committing Crimes

  • Betternet VPN: Known for having a virus integrated into its mobile app and tracking users with 14 different trackers. source1
  • Hola VPN: This VPN allows other users to use your internet connection, potentially making you an unwitting participant in criminal activities. source2
  • Lite VPN, Fast Line VPN, Turbo Tunnel VPN, VPN Ultra: These, along with 17 other apps on the Google Play Store, redistribute your internet connection to other users. source3
  • Mask VPN, Dew VPN, Paladin VPN, Proxy Gate, Shield VPN, Shine VPN: According to the U.S. Department of Justice, these VPNs turn computers into “zombies” for cyber attacks, fraud, child exploitation, phishing, cyberstalking, and bomb threats. source 14, source 25
  • Tuxler VPN: Sells your browsing history, contact list, and other data. source 16, source 27
  • VPN Master: Contains multiple viruses. source8
  • Cake VPN, Pacific VPN, Evpn, Dora VPN: These contain viruses designed to target banking apps. source9
  • Super VPN, Betternet, Cyber Ghost, VPN Gate, Vypr VPN, Strong VPN, Hide My Ass, VPN Secure: Research shows that these VPNs steal up to 80% of users’ accounts and messages, selling the data to third parties. 38% of them use your internet connection for other users. source10

Among the top 100 most downloaded Android VPN apps, 15 have access to your camera, and 14 can access your GPS – source10. A VPN does not need access to your camera or GPS to secure your internet connection. When using a VPN, make sure to conduct deep research and, if possible, use a paid service. Remember, just as there are bad people in the real world, there are bad actors on the internet too.

List:

  • Betternet VPN
  • Hola VPN
  • Lite VPN
  • Fast Line VPN
  • Turbo Tunnel VPN
  • VPN Ultra
  • Mask VPN
  • Dew VPN
  • Paladin VPN
  • Proxy Gate
  • Shield VPN
  • Shine VPN
  • Tuxler VPN
  • VPN Master
  • Cake VPN
  • Pacific VPN
  • Evpn
  • Dora VPN
  • Super VPN
  • Cyber Ghost
  • VPN Gate
  • Vypr VPN
  • Strong VPN
  • Hide My Ass
  • VPN Secure

Sources

  1. https://research.csiro.au/isp/wp-content/uploads/sites/106/2016/08/paper-1.pdf
    ↩︎
  2. https://www.pcworld.com/article/427726/ultra-popular-hola-vpn-extension-sold-your-bandwidth-for-use-in-a-botnet-attack.html ↩︎
  3. https://www.humansecurity.com/learn/blog/satori-threat-intelligence-alert-proxylib-and-lumiapps-transform-mobile-devices-into-proxy-nodes ↩︎
  4. https://www.justice.gov/opa/pr/911-s5-botnet-dismantled-and-its-administrator-arrested-coordinated-international-operation ↩︎
  5. https://www.fbi.gov/investigate/cyber/how-to-identify-and-remove-vpn-applications-that-contain-911-s5-backdoors ↩︎
  6. https://proprivacy.com/vpn/guides/vpn-scams ↩︎
  7. https://vpnpro.com/vpn-reviews/tuxler-review/ ↩︎
  8. https://restoreprivacy.com/vpn/warning-list/ ↩︎
  9. https://research.checkpoint.com/2021/clast82-a-new-dropper-on-google-play-dropping-the-alienbot-banker-and-mrat/ ↩︎
  10. https://research.csiro.au/isp/wp-content/uploads/sites/106/2016/08/paper-1.pdf ↩︎
  11. https://www.top10vpn.com/research/free-vpn-investigations/android-vpn-security-flaws/ ↩︎