Please Try again!
Researchers Issue Security Warnings About Several Popular Android VPN Appsdownloads

Researchers Issue Security Warnings About Several Popular Android VPN Apps

Thorin Klosowski , Gawker Media

A study by researchers from Data61/CSIRO , UC Berkeley , UNSW Sydney , and UCSI finds that several popular VPN services on Android open up a variety of security holes, including injecting JavaScript for ads and tracking services, traffic redirection to commerce sites, and more.

VPNs are useful for encrypting your web traffic or getting around regional restrictions. Most of these VPN services require a subscription, but many also offer free options. Researchers tested 283 different apps and found that many of those apps inject adware, trojans, malvertising, or spyware. What they found was not great:

  • 18% do not encrypt traffic
  • 84% leak user data
  • 38% reveal malware or malvertising
  • 80% request access to sensitive data like user accounts or text messages

Unfortunately, the paper doesn't go through a full ranking of all 283 apps it tested, nor does it rank the best or most secure services. It does at least go through the worst, which are shown in the table above, using a VirusTotal ranking system. This includes one we've mentioned before,  Betternet .

The biggest problem here is that in most cases, the researchers found that other than Hola , the VPN providers did not usually admit to the practice of injecting its own ads or forwarding traffic. When researchers reached out to the developers, many didn't respond, while others simply confirmed that their free version injected code to show their own ads. Thankfully, some of the worst offenders, including the top three, have all been removed from Google Play.

It's no secret that VPNs are shady and finding a good one requires actual effort , but this is a nice reminder that you should always do some research before using any type of security software. For what it's worth, we've found Private Internet Access , SlickVPN , NordVPN, Hideman , and Tunnelbear have all been reliable and transparent over the years. There's also no reason to assume this is restricted to Android. iOS and desktop VPN apps likely have similar problems.

An Analysis of the Privacy and Security Risks of Android VPN Permission-enabled Apps (PDF) | via TorrentFreak

Contribute to LifeHacker

Write for Us

Comments ()

Sort By:
Be the first one to review.

Subscribe to latest stories

Trending on social

Visit the definitive guide to travel, destinations, restaurants, nightlife & more.


Times Global Partners is an initiative focused on partnering with Established and Emerging Global Digital Companies for growing their presence and business in India through growth in their Brand, audience, adoption, distribution and monetization.

    Subscribe for latest stories