Data Security, Privacy, Application security

Free Android VPNs expose users to tracking and risky servers, research finds

(Adobe Stock)

In a report by Security Affairs, research reveals that most free Android VPN applications pose significant privacy risks, often collecting and sharing user data instead of protecting it. A study by Mysterium VPN analyzed 18 popular free VPN apps, uncovering hidden dangers within their code and functionality.

The analysis, using MobSF, focused on app permissions, third-party trackers, hardcoded network endpoints, and developer emails. Seventeen of the 18 apps contained at least one tracker, with an average of five, including platforms from the U.S., China, and Russia. Many apps requested excessive "dangerous" permissions, such as access to the camera, microphone, and location, resembling spyware more than privacy tools. Furthermore, numerous apps connected to hardcoded domains in countries with strict surveillance or OFAC sanctions, like China and Russia, exposing users to potential government access and data logging.

This research highlights that free VPNs often function as data collection platforms rather than privacy tools. The findings underscore the need for users to scrutinize app permissions, consider open-source or decentralized alternatives, and be wary of apps that offer extensive functionality for free. 

Source: Security Affairs

You can skip this ad in 5 seconds