Published On: Wed, Mar 27th, 2024
Technology | 3,960 views

Latest Google Android app ban might stop you using VPNs for good


Millions of us use VPNs every day with these Virtual Private Networks offering a more secure way of logging into the web along with allowing users to access UK streaming content when abroad. They are hugely popular applications but a new warning from cyber experts at HUMAN’s Satori threat intelligence team may make you think twice before installing one on your phone.

A worrying report – published this week – has exposed a new danger when using some VPNs with a number of applications featuring a threat dubbed PROXYLIB. This malicious software is able to perform a swathe of concerning activities on devices including ad fraud, phishing for data, spamming other users in your contacts and password spraying – a type of brute force attack that attempts to log into accounts.

A total of 28 apps were found to contain this threat with all available to download via Google’s Play Store – they have since been banned.

“HUMAN’s Satori Threat Intelligence team recently identified a cluster of VPN apps available on the Google Play Store that transformed the user’s device into a proxy node without their knowledge,” the team explained in a post on its blog.

“28 applications containing the PROXYLIB SDK identified in this report have been removed from the Play Store and HUMAN continues to work to disrupt the threat posed by PROXYLIB.”

Along with removing the offending applications, Android users should be protected against future attacks by PROXYLIB thanks to Google Play Protect which is switched on by default on most devices.

That said, the Satori Threat Intelligence team say more attacks could be on their way and Android users need to remain vigilant when installing new VPNs.

“We expect to see the threat actor continue to evolve their TTPs in order to continue selling access to the residential proxy network generated by apps containing PROXYLIB,” Satori added.

“HUMAN recommends that users download mobile apps exclusively from official marketplaces, such as the Google Play Store or iOS App Store. Further, users should avoid clones or “mods” of popular apps which may allow malware or undesired functionality such as the PROXYLIB residential proxy node enrollment discussed in this report to masquerade as benign software.”

You can find the full list of apps thought to be affected by the Google ban. It’s currently unclear if developers knew their apps were infected with the threat or if it was added at a later date by cyber criminals

• Lite VPN

• Anims Keyboard

• Blaze Stride

• Byte Blade VPN

• Android 12 Launcher

• Android 13 Launcher

• Android 14 Launcher

• CaptainDroid Feeds

• Free Old Classic Movies

• Phone Comparison

• Fast Fly VPN

• Fast Fox VPN

• Fast Line VPN

• Funny Char Ging Animation

• Limo Edges

• Oko VPN

• Phone App Launcher

• Quick Flow VPN

• Sample VPN

• Secure Thunder

• Shine Secure

• Speed Surf

• Swift Shield VPN

• Turbo Track VPN

• Turbo Tunnel VPN

• Yellow Flash VPN

• VPN Ultra

• Run VPN



Source link