Subj : Watch out  that free Android VPN app could hijack your device
To   : All
From : TechnologyDaily
Date : Wed Mar 27 2024 17:00:06

Watch out  that free Android VPN app could hijack your device

Date:
Wed, 27 Mar 2024 16:48:35 +0000

Description:
Researchers find more than two dozen malicious Android VPN apps, turning the 
devices into residential proxies.

FULL STORY
======================================================================

Almost two dozen free Android VPN apps were actually turning host devices 
into residential proxies , researchers have revealed announced. All of the 
apps were subsequently removed from the Play Store, with some making a 
comeback after cleaning up their code. 

Cybersecurity researchers from HUMANs Satori Intelligence Team recently 
discovered a total of 28 apps, all of which had the Proxylib software 
development kit (SDK). This SDK, built in the Golang programming language, 
was designed to do the proxying, a process in which internet traffic is 
routed through third-party devices. 

All of the apps were subsequently removed from the Play Store, with some 
making a comeback after cleaning up their code. Russian fingers 

While proxying has its legitimate, legal use cases, when its not clearly 
stated in the app, its most likely criminal. Hackers use it to hide their 
traffic as they commit ad fraud, phishing, and more. 

Of the 28 apps, 17 were free VPN apps. Here is the full list: Lite VPN Anims 
Keyboard Blaze Stride Byte Blade VPN Android 12 Launcher (by CaptainDroid) 
Android 13 Launcher (by CaptainDroid) Android 14 Launcher (by CaptainDroid) 
CaptainDroid Feeds Free Old Classic Movies (by CaptainDroid) Phone Comparison 
(by CaptainDroid) Fast Fly VPN Fast Fox VPN Fast Line VPN Funny Char Ging 
Animation Limo Edges Oko VPN Phone App Launcher Quick Flow VPN Sample VPN 
Secure Thunder Shine Secure Speed Surf Swift Shield VPN Turbo Track VPN Turbo 
Tunnel VPN Yellow Flash VPN VPN Ultra Run VPN 

The researchers speculate that these apps are linked to Asocks, a 
Russia-based residential proxy service provider, given that many apps 
connected to the Asocks website, and the Asocks service is commonly promoted 
to cybercriminals on hacking forums. 

After discovering the apps, Google removed all of them from the Play Store, 
with some reappearing, possibly after removing the malicious SDK. 

Users would be wise to double-check if any of their apps are still listed on 
the Play Store, and remove them if theyre not. Alternatively, they should at 
least keep them updated to the latest version. 

Via BleepingComputer More from TechRadar Pro What is a residential proxy? 
Heres everything you need to know Here's a list of the best firewalls around 
today These are the best endpoint security tools right now



======================================================================
Link to news story:
https://www.techradar.com/pro/security/watch-out-that-free-android-vpn-app-cou
ld-hijack-your-device


--- Mystic BBS v1.12 A47 (Linux/64)
 * Origin: tqwNet Technology News (1337:1/100)

.