Warning: most Android VPN apps are insecure
VPN software can be used to not only circumvent geoblocking, censorship and ISP blocks, but also to remain anonymous online. At least that's the idea. If you're an Android user who has a VPN app installed on your phone or tablet, the chances are that it is not safe.
Research shows that the majority of VPN apps to be found in Google Play contain spyware or malware, leak data, or include tracking components. This is in stark contrast to what most people would expect from such apps, and users are warned to double-check the choice they have made.
TorrentFreak shares details of research carried out by CSIRO’s Data 61, the University of New South Wales, and UC Berkley which shows that two thirds of VPNs checked featured one or more third-party tracking libraries. More than one third included a malware component.
The in-depth study reveals that 43 percent of apps in the test had adware, 29 percent had Trojans, 17 percent featured malvertising, 6 percent included 'riskware', and spyware was found in 5 percent. In all, 283 VPN tools were tested, and even some of the big names were found to be disappointingly insecure. The researchers explain:
While 37 percent of the analyzed VPN apps have more than 500K installs and 25 percent of them receive at least a 4-star rating, over 38 percent of them contain some malware presence according to VirusTotal.
It seems that VPN users place blind faith in the tools they choose to use, preferring to believe that they are taking steps to increase rather than decrease their security:
According to the number of installs of these apps, millions of users appear to trust VPN apps despite their potential maliciousness. In fact, the high presence of malware activity in VPN apps that our analysis has revealed is worrisome given the ability that these apps already have to inspect and analyze all user’s traffic with the VPN permission.
In nearly a fifth of cases, tunneling is employed without encryption, while an astonishing 84 percent had IPv6 leaks and 66 percent had DNS leaks.