Nearly 4 in 10 Android VPN Apps Contain Malware

A lot of people have started to use VPNs as a way to remain anonymous on the Internet. VPN service providers usually offer a mobile application, even though not all of these apps should be trusted by default. Thanks to research conducted by the Australian Commonwealth Scientific and Industrial Research Organization, we now know a lot of Android-based VPN apps use malware to track user browsing habits.

Android VPN Apps Are Not Innocent

One of the primary reasons people use a VPN tool on Android is to keep data is safe. All information shared online is encrypted by these companies, keeping it hidden from prying eyes. Unfortunately, that will not always be the case when using an Android-based VPN solution these days. Roughly 38% of all of these applications contain some form of malware to track user habits.

The research conducted by CSIRO analyzed a total of 234 VPN apps found in the Google Play Store. As it turns out, over one in three of these applications tracked user activity. To do so, the developers added malware code or used malvertising tactics to keep track of which users visit what kind of websites.

To make matters even worse, nearly in five of the analyzed VPN applications did not even encrypt internet traffic. This renders the entire point of using a virtual private network moot, as anyone can see what types of content users are accessing. Moreover, close to eight in ten applications continues to access sensitive data, including user account details and text messages. Not the type of behavior one would come to expect from a VPN application, that much is certain.




This news goes to show not every Android VPN application is equal. The top 10 of most malicious applications contains no major service provider, and some of them have even been removed in the process. It is good to see companies such as Google pay close attention to how malicious apps make in into their Play Store, despite being manually screened. Unfortunately, it remains unknown how much damage these applications have done over the past few years.

What is rather disconcerting, however, is how most people who installed these applications do not leave a negative rating in the Google Play Store by any means. The research discovered only 1% of users file complaints about security and privacy concerns they may have. That is anything but a positive development, as the whole world should be made aware of which applications can be trusted, and which should be avoided.

One way users can spot how “secure” a VPN application is, is by checking the security permission said application requires. Any of these applications requesting access to your contacts, social media accounts, or other services not related to the VPN service should be uninstalled immediately.  Moreover, users need to leave a negative feedback for that app in the Google Play Store as soon as possible.

If you liked this article, follow us on Twitter @themerklenews and make sure to subscribe to our newsletter to receive the latest bitcoin, cryptocurrency, and technology news.