TechAndroid VPN apps expose users to security risks and privacy breaches

Android VPN apps expose users to security risks and privacy breaches

Applications often conceal malicious code in the Android system, which can be used, among other things, to steal private data. The latest report from Top10VPN indicates that many infected apps are VPNs that are not adequately secured and can allow uncontrolled access to user data.

Android VPN apps expose users to security risks and privacy breaches
Images source: © Getty Images | NurPhoto

13 June 2024 13:29

Some Android VPNs raise concerns among security experts

These details are provided by PCMag. The report reveals that out of the top 100 most popular VPN clients on Android worldwide, over 10% cannot encrypt transmitted data correctly, more than half malfunction, and 80% do not use the most secure encryption algorithms.

Some of them also contain code from ByteDance, known for its ties to TikTok, which is unnecessary for VPN functionality, raising suspicions among security experts.

According to Top10VPN data, some Android VPN applications are known for leaking IP addresses or DNS data, others have issues with correctly encrypting data, and still others offer unwarranted access to Android system features, creating the potential for theft of users' private data.

Due to the granted permissions, some applications can, for example, read information from the address book and device location based on GPS data, browse the list of installed applications, obtain complete information about the SIM card and operator, and even read the unique device identifier used by Google to display targeted ads.

Among the programs identified as dangerous are Tomato VPN, Phone Guardian VPN, Ultimate VPN, Turbo VPN, Power VPN, VPN Monster, uVPN, VPN Proxy Master—Safer VPN, VPN Pro—Fast & Secure VPN, and Signal Secure VPN—Robot VPN. It is better to remove these applications and choose more well-known, secure solutions instead of continuing to use them.

© Daily Wrap
·

Downloading, reproduction, storage, or any other use of content available on this website—regardless of its nature and form of expression (in particular, but not limited to verbal, verbal-musical, musical, audiovisual, audio, textual, graphic, and the data and information contained therein, databases and the data contained therein) and its form (e.g., literary, journalistic, scientific, cartographic, computer programs, visual arts, photographic)—requires prior and explicit consent from Wirtualna Polska Media Spółka Akcyjna, headquartered in Warsaw, the owner of this website, regardless of the method of exploration and the technique used (manual or automated, including the use of machine learning or artificial intelligence programs). The above restriction does not apply solely to facilitate their search by internet search engines and uses within contractual relations or permitted use as specified by applicable law.Detailed information regarding this notice can be found  here.