Close Menu
  • Home
  • UNSUBSCRIBE
  • News
  • Lifestyle
  • Tech
  • Entertainment
  • Sports
  • Travel
Facebook X (Twitter) WhatsApp
Trending
  • The 7 best Sony headphones 2025: Tested for ANC, sound, value
  • Sunderland secure huge win at Forest to heap more misery on Ange
  • 3 Members of TLC’s Putman Family Killed in Car Accident
  • North Carolina businesses continue Helene recovery
  • Hungary to follow US in designating Antifa terrorist under Trump ties
  • DJI loses lawsuit against Pentagon, leaving its popular drones in peril
  • Alderete silences City Ground with Sunderland opener!
  • PGA Golfer Jake Knapp on Girlfriend Makena White’s Death
Facebook X (Twitter) WhatsApp
Baynard Media
  • Home
  • UNSUBSCRIBE
  • News
  • Lifestyle
  • Tech
  • Entertainment
  • Sports
  • Travel
Baynard Media
Home»Tech»Researchers find secret ties and vulnerabilities in popular VPN apps
Tech

Researchers find secret ties and vulnerabilities in popular VPN apps

EditorBy EditorSeptember 3, 2025No Comments3 Mins Read
Share Facebook Twitter Pinterest LinkedIn Tumblr Reddit Telegram Email
Share
Facebook Twitter LinkedIn Pinterest Email

A new study has uncovered that more than 20 VPN apps on the Google Play Store share the same codebases and infrastructure, despite presenting themselves as independent services. Together, these apps account for 20 of the 100 most-downloaded VPNs on the platform, with a staggering 700 million users.

The findings raise serious questions about trust and transparency in an industry built on privacy — and highlight how poorly app stores may vet VPN providers.

The research, conducted by The Citizen Lab at the University of Toronto, traced these apps back to just three VPN families, some with ties to Russia and China. Investigators used business filings and forensic analysis of Android APKs to uncover the hidden connections.

SEE ALSO:

I’ve tested a bunch of popular VPNs. This is the only one I recommend for streaming.

Family A was tied to Innovative Connecting, Autumn Breeze, and Lemon Clove, and included major players like Turbo VPN, VPN Proxy Master, and Snap VPN — all of which shared identical code and assets. Family B, linked to Matrix Mobile, ForeRaya Technology, and Wildlook Tech, operated XY VPN, 3X VPN, and Melon VPN, which used the same VPN addresses. Family C, made up of Fast Potato and Free Connected Limited, controlled Fast Potato VPN and X-VPN.

Beyond a lack of transparency, the study also found serious security flaws. Some apps reused login credentials for ShadowSocks, a tool for bypassing firewalls. Others relied on outdated encryption algorithms, leaving users more exposed. Most concerning of all, all three VPN families were vulnerable to blind on-path attacks — meaning hackers on the same network, such as public Wi-Fi, could intercept traffic without either party realizing it.

Mashable Light Speed

The researchers noted that app stores have limited ability to verify who operates a VPN or how it’s built, since their review systems are largely focused on malware detection and privacy violations. As a remedy, they suggested introducing a security audit badge for VPNs — a certification that could give users more confidence in the apps they choose.

The specifics of Google’s app review process remain unclear. According to a support page, developers must provide a privacy policy, disclose whether the app contains ads, obtain a content rating, and share the app’s privacy and security practices with Google in order to pass review.

In a statement to Mashable through email, a Google spokesperson said that the company is committed to “compliance with applicable sanctions and trade compliance laws.”

“When we locate accounts that may violate these laws, our related policies or Terms of Service, we take appropriate action.”

UPDATE: Sep. 2, 2025, 3:17 p.m. EDT This article has been updated to include a statement from Google.

Source link

Share. Facebook Twitter Pinterest LinkedIn Tumblr Email
Previous ArticleToday on Sky Sports Racing: Lingfield and Bath host competitive cards | Racing News
Next Article Trump says ‘never felt better’ on Truth Social amid health rumors
Editor
  • Website

Related Posts

Tech

The 7 best Sony headphones 2025: Tested for ANC, sound, value

September 27, 2025
Tech

DJI loses lawsuit against Pentagon, leaving its popular drones in peril

September 27, 2025
Tech

How to clear cache on iPhone — updated for 2025

September 27, 2025
Add A Comment

Comments are closed.

Categories
  • Entertainment
  • Lifestyle
  • News
  • Sports
  • Tech
  • Travel
Recent Posts
  • The 7 best Sony headphones 2025: Tested for ANC, sound, value
  • Sunderland secure huge win at Forest to heap more misery on Ange
  • 3 Members of TLC’s Putman Family Killed in Car Accident
  • North Carolina businesses continue Helene recovery
  • Hungary to follow US in designating Antifa terrorist under Trump ties
calendar
September 2025
M T W T F S S
1234567
891011121314
15161718192021
22232425262728
2930  
« Aug    
Recent Posts
  • The 7 best Sony headphones 2025: Tested for ANC, sound, value
  • Sunderland secure huge win at Forest to heap more misery on Ange
  • 3 Members of TLC’s Putman Family Killed in Car Accident
About

Welcome to Baynard Media, your trusted source for a diverse range of news and insights. We are committed to delivering timely, reliable, and thought-provoking content that keeps you informed
and inspired

Categories
  • Entertainment
  • Lifestyle
  • News
  • Sports
  • Tech
  • Travel
Facebook X (Twitter) Pinterest WhatsApp
  • Contact Us
  • About Us
  • Privacy Policy
  • Disclaimer
  • UNSUBSCRIBE
© 2025 copyrights reserved

Type above and press Enter to search. Press Esc to cancel.