Millions of users at risk from shady Android VPN apps

0

Android VPN apps, designed to enhance online security and increase a user’s privacy, may actually be doing the total opposite and putting millions of users at risk, experts have warned.

A new study has looked at 283 Android VPN apps which are available to download from the Google Play Store.

The damming study raises a whole host of security concerns and reignites the debate regarding user data and online privacy.

“Millions of users appear to trust VPN apps despite their potential maliciousness,” researchers said.

“VPN apps like HideMyAss and VPNSecure which claim to provide security and anonymity are not effective against surveillance and malicious agents”, they added.

Some of the worst offenders were Easy VPN, Cross VPN and Betternet, which has been downloaded over 5 million times.

The study compiled a list of the worst offending Android VPN apps

The study compiled a list of the worst offending Android VPN apps

The study revealed that while 67 percent of the apps helped to enhance online privacy and security, 75 percent let third parties track users, and a whopping 82 percent access private data such as contacts and text messages.

Alarmingly, the study also found that 38 percent of the VPN apps contained some form of malware.

And if that wasn’t enough, 16 percent of the apps covered in the study used a form of peer to peer traffic routing, meaning that traffic is forwarded through other user’s devices.

Finally, 18 percent of the VPN were found to offer no encryption whatsoever, while two of the apps were found to be injecting JavaScript code in order to track users.

“Our results show that — in spite of the promises for privacy, security and anonymity given by the majority of VPN apps — millions of users may be unawarely (sic) subject to poor security guarantees and abusive practices inflicted by VPN apps,” the researchers wrote in the report.

While Android warns users at the point of download as to what permissions an app requires in order to be used, many users may not be fully aware just how much access they are granting an app or what the security implications are in doing so.

“According to the number of installs of these apps, millions of users appear to trust VPN apps despite their potential maliciousness. In fact, the high presence of malware activity in VPN apps that our analysis has revealed is worrisome given the ability that these apps already have to inspect and analyze all user’s traffic with the VPN permission,” the study reads.

Via: Torrent Freak

Share.

Comments are closed.