Out of the 150 apps found on the Google Play Store, nearly 40 of them did not make an effort to protect their users and they leaked DNS information. In total, all of these apps have 260 million downloads around the globe. Four of these apps released WebRTC information (real-time communications protocol), while an additional two leaked the Web RTC, DNS data, and IP addresses. Although it is not confirmed, a scan from VirusTotal revealed 27 apps were susceptible to malware. Personal information was attempted to be accessed by 38 percent along with 25 percent of the apps asking to track the location of the device using them. The most high-risk apps being used are HotSpotShield Free, SuperVPN, Hi VPN, HotSpotShield Basic, Psiphon Pro, Turbo VPN, VPN Master, Snap VPN, Hola, and Speed VPN. All of these apps have anywhere between 10-50 million downloads. While none of them contained malware they all had core issues such as DNS leaking, risky permission requests, and risky function attempts.
Written by: Nataliia Zdrok, Threat Intelligence Analyst at Binary Defense Russia’s invasion of Ukraine increased