What the Hack

Are You Using These Android VPN Apps? They Are Malicious, Spy On The Users

malicious Android VNP App

It is very common for a user to download and install VPN app from Google Play store to hide their digital identity and digital data. Alarmingly, the recent research revealed that many of the Android VPN apps available on Play are malicious in nature and are not as secure as they appear to be. These malicious Android VPN apps are not dedicated to hiding user’s identity and data instead to spy on the user.

The research has been done by a team of researchers from Australia’s Commonwealth Scientific and Industrial Research Organisation (CSIRO), University of South Wales and UC Berkley. The team studied 234 Android VPN apps on the Google Play Store out of that, around 38 per cent of Android VPN apps found to contain malware.

vpn-factsThe report claims that more than a third of the 238 analyzed apps were found to be tracking users through malvertising or malware. In addition, 18 percent of the apps didn’t perform its very function of encryption- the apps sent user traffic to the internet without encryption- the goal for which user installs these VPN apps.

The research asserted in the report that over 80 per cent of apps requested to access sensitive data such as user accounts and text messages.

The researchers in its report also listed 10 worst Android VPN apps on Google Play Store leveraging the automated malware detection process of Virus Total API. Alarmingly, many of the Android VPN apps were detected as malware by more than 10 Anti-Virus Engines.

VPN Fact 01
For information, VirusTotal is an online solution which aggregates the scanning capabilities provided by more than 100 AV tools, scanning engines, and dataset.

When you download an app and install, you give it access to your smartphone and its data as well. Only last week Meitu’s selfie app was identified sharing users’ location information with China.

Dali Kaafar, professor and senior principal researcher at CISRO, advised Android owners to stop and read the user review before signing up for a particular VPN app. “Always pay attention to the permissions requested by apps that you download,” he added.

About the author


  • R. Dangsil

    I suggest download only the vpn app from Google Store that is associated with your paid service. I only downloaded Astrill app when I subscribed to Astrill and it is the safest way to do it.

  • Chris Rodgers

    Thanks Rumi for such an informative article. I was searching for a reliable Android VPN App for a long time. After going through the articles of so many websites, I got to know that not all VPNs work with every Android device. So a good practice is to read the service reviews to make sure you’re getting the best Android VPN for your needs. I found the best review of the Android VPN on ReviewsDir, and found it really helpful. Now I’m a happy user of ExpressVPN for my Android.