Close Menu
  • Home
  • UNSUBSCRIBE
  • News
  • Lifestyle
  • Tech
  • Entertainment
  • Sports
  • Travel
Facebook X (Twitter) WhatsApp
Trending
  • Kaley Cuoco’s Dark Hair Photos at US Open 2025
  • Bodycam video shows wild boar in Florida home
  • Will the James Webb telescope lead us to alien life? Scientists say we’re getting closer than ever.
  • Andrew Cuomo meets with Al Sharpton amid NYC mayoral campaign
  • Robolox announces TikTok-like shortform video app, AI tools for creators
  • US Open: Gabriela Dabrowski lifts women’s doubles title just over a year after battling cancer | Tennis News
  • Blake Lively New Photo in New York Amid Legal Battle
  • South Korean workers arrested during immigration raid at Hyundai site
Facebook X (Twitter) WhatsApp
Baynard Media
  • Home
  • UNSUBSCRIBE
  • News
  • Lifestyle
  • Tech
  • Entertainment
  • Sports
  • Travel
Baynard Media
Home»Tech»Researchers find secret ties and vulnerabilities in popular VPN apps
Tech

Researchers find secret ties and vulnerabilities in popular VPN apps

EditorBy EditorSeptember 3, 2025No Comments3 Mins Read
Share Facebook Twitter Pinterest LinkedIn Tumblr Reddit Telegram Email
Share
Facebook Twitter LinkedIn Pinterest Email

A new study has uncovered that more than 20 VPN apps on the Google Play Store share the same codebases and infrastructure, despite presenting themselves as independent services. Together, these apps account for 20 of the 100 most-downloaded VPNs on the platform, with a staggering 700 million users.

The findings raise serious questions about trust and transparency in an industry built on privacy — and highlight how poorly app stores may vet VPN providers.

The research, conducted by The Citizen Lab at the University of Toronto, traced these apps back to just three VPN families, some with ties to Russia and China. Investigators used business filings and forensic analysis of Android APKs to uncover the hidden connections.

SEE ALSO:

I’ve tested a bunch of popular VPNs. This is the only one I recommend for streaming.

Family A was tied to Innovative Connecting, Autumn Breeze, and Lemon Clove, and included major players like Turbo VPN, VPN Proxy Master, and Snap VPN — all of which shared identical code and assets. Family B, linked to Matrix Mobile, ForeRaya Technology, and Wildlook Tech, operated XY VPN, 3X VPN, and Melon VPN, which used the same VPN addresses. Family C, made up of Fast Potato and Free Connected Limited, controlled Fast Potato VPN and X-VPN.

Beyond a lack of transparency, the study also found serious security flaws. Some apps reused login credentials for ShadowSocks, a tool for bypassing firewalls. Others relied on outdated encryption algorithms, leaving users more exposed. Most concerning of all, all three VPN families were vulnerable to blind on-path attacks — meaning hackers on the same network, such as public Wi-Fi, could intercept traffic without either party realizing it.

Mashable Light Speed

The researchers noted that app stores have limited ability to verify who operates a VPN or how it’s built, since their review systems are largely focused on malware detection and privacy violations. As a remedy, they suggested introducing a security audit badge for VPNs — a certification that could give users more confidence in the apps they choose.

The specifics of Google’s app review process remain unclear. According to a support page, developers must provide a privacy policy, disclose whether the app contains ads, obtain a content rating, and share the app’s privacy and security practices with Google in order to pass review.

In a statement to Mashable through email, a Google spokesperson said that the company is committed to “compliance with applicable sanctions and trade compliance laws.”

“When we locate accounts that may violate these laws, our related policies or Terms of Service, we take appropriate action.”

UPDATE: Sep. 2, 2025, 3:17 p.m. EDT This article has been updated to include a statement from Google.

Source link

Share. Facebook Twitter Pinterest LinkedIn Tumblr Email
Previous ArticleToday on Sky Sports Racing: Lingfield and Bath host competitive cards | Racing News
Next Article Trump says ‘never felt better’ on Truth Social amid health rumors
Editor
  • Website

Related Posts

Tech

Robolox announces TikTok-like shortform video app, AI tools for creators

September 6, 2025
Tech

I’ve been on Liquid Glass for months. I love 3 features in particular.

September 6, 2025
Tech

Free Bluetti Handsfree 1 solar generator with purchase of the Bluetti Apex 300

September 5, 2025
Add A Comment

Comments are closed.

Categories
  • Entertainment
  • Lifestyle
  • News
  • Sports
  • Tech
  • Travel
Recent Posts
  • Kaley Cuoco’s Dark Hair Photos at US Open 2025
  • Bodycam video shows wild boar in Florida home
  • Will the James Webb telescope lead us to alien life? Scientists say we’re getting closer than ever.
  • Andrew Cuomo meets with Al Sharpton amid NYC mayoral campaign
  • Robolox announces TikTok-like shortform video app, AI tools for creators
calendar
September 2025
M T W T F S S
1234567
891011121314
15161718192021
22232425262728
2930  
« Aug    
Recent Posts
  • Kaley Cuoco’s Dark Hair Photos at US Open 2025
  • Bodycam video shows wild boar in Florida home
  • Will the James Webb telescope lead us to alien life? Scientists say we’re getting closer than ever.
About

Welcome to Baynard Media, your trusted source for a diverse range of news and insights. We are committed to delivering timely, reliable, and thought-provoking content that keeps you informed
and inspired

Categories
  • Entertainment
  • Lifestyle
  • News
  • Sports
  • Tech
  • Travel
Facebook X (Twitter) Pinterest WhatsApp
  • Contact Us
  • About Us
  • Privacy Policy
  • Disclaimer
  • UNSUBSCRIBE
© 2025 copyrights reserved

Type above and press Enter to search. Press Esc to cancel.