Malware, User Privacy Failures Found in Top Free VPN Android Apps (Jan 21, 2019)
Metric Labs Top10VPN researchers have published their analysis of the most popular 150 free Android VPN applications that produced some interesting results. Researchers discovered that one in five of the 150 tested applications were potential sources of malware. This brings the count to 25 of the top 150 free VPN applications being detected as possible malware sources according to VirusTotal. In addition, 25% of the 150 applications were identified to be affected by a DNS security flaw that leaks “browsing history data to their ISP and any third-party DNS server operator that it may use.” The permissions in free VPN applications put users at risk of leaking data that was supposed to be hidden by the application. The applications that present a security-risk were observed to have been downloaded approximately 260 million times, according to statistics from the Google Play Store.
Recommendation: Free applications should be regarded with the utmost scrutiny before they are downloaded because as this story depicts, free software can sometimes come with security risks. Additionally, keeping track of the applications used by your company is important because unknown applications discovered on machines may indicate an infection. The same method should also be applied to web browser add-ons.
Indicators of Compromise (IOCs) associated with this story can be viewed by ThreatStream users here to identify potential malicious activity.