Almost two dozen free Android VPN apps were actually turning host devices into residential proxies, researchers have revealed announced. All of the apps were subsequently removed from the Play Store, with some making a comeback after cleaning up their code.
Cybersecurity researchers from HUMAN’s Satori Intelligence Team recently discovered a total of 28 apps, all of which had the “Proxylib” software development kit (SDK). This SDK, built in the Golang programming language, was designed to do the proxying, a process in which internet traffic is routed through third-party devices.
All of the apps were subsequently removed from the Play Store, with some making a comeback after cleaning up their code.
Russian fingers
While proxying has its legitimate, legal use cases, when it’s not clearly stated in the app, it’s most likely criminal. Hackers use it to hide their traffic as they commit ad fraud, phishing, and more.
Of the 28 apps, 17 were free VPN apps. Here is the full list:
Lite VPNAnims KeyboardBlaze StrideByte Blade VPNAndroid 12 Launcher (by CaptainDroid)Android 13 Launcher (by CaptainDroid)Android 14 Launcher (by CaptainDroid)CaptainDroid FeedsFree Old Classic Movies (by CaptainDroid)Phone Comparison (by CaptainDroid)Fast Fly VPNFast Fox VPNFast Line VPNFunny Char Ging AnimationLimo EdgesOko VPNPhone App LauncherQuick Flow VPNSample VPNSecure ThunderShine SecureSpeed SurfSwift Shield VPNTurbo Track VPNTurbo Tunnel VPNYellow Flash VPNVPN UltraRun VPN
The researchers speculate that these apps are linked to Asocks, a Russia-based residential proxy service provider, given that many apps connected to the Asocks’ website, and the Asocks service is commonly promoted to cybercriminals on hacking forums.
After discovering the apps, Google removed all of them from the Play Store, with some reappearing, possibly after removing the malicious SDK.
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
Users would be wise to double-check if any of their apps are still listed on the Play Store, and remove them if they’re not. Alternatively, they should at least keep them updated to the latest version.
Via BleepingComputer
More from TechRadar Pro
What is a residential proxy? Here’s everything you need to knowHere’s a list of the best firewalls around todayThese are the best endpoint security tools right now
Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.
>>> Read full article>>>
Copyright for syndicated content belongs to the linked Source : TechRadar – https://www.techradar.com/pro/security/watch-out-that-free-android-vpn-app-could-hijack-your-device