We value your privacy

We use cookies to enhance your browsing experience, serve personalized ads or content, and analyze our traffic. By clicking "Accept All", you consent to our use of cookies.

Customize Consent Preferences

We use cookies to help you navigate efficiently and perform certain functions. You will find detailed information about all cookies under each consent category below.

The cookies that are categorized as "Necessary" are stored on your browser as they are essential for enabling the basic functionalities of the site. ... 

Always Active

Necessary cookies are required to enable the basic features of this site, such as providing secure log-in or adjusting your consent preferences. These cookies do not store any personally identifiable data.

No cookies to display.

Functional cookies help perform certain functionalities like sharing the content of the website on social media platforms, collecting feedback, and other third-party features.

No cookies to display.

Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics such as the number of visitors, bounce rate, traffic source, etc.

No cookies to display.

Performance cookies are used to understand and analyze the key performance indexes of the website which helps in delivering a better user experience for the visitors.

No cookies to display.

Advertisement cookies are used to provide visitors with customized advertisements based on the pages you visited previously and to analyze the effectiveness of the ad campaigns.

No cookies to display.

NewApp Digest
search bot

Android VPN

Android VPN Apps Linked to Chinese Co (Qihoo 360) Tied to PRC
AppWizard
August 22, 2025

Android VPN Apps Linked to Chinese Co (Qihoo 360) Tied to PRC

Recent investigations by Arizona State University and Citizen Lab have revealed that several popular Android VPN applications are linked to entities in mainland China and Hong Kong, raising security concerns. These apps, which have millions of downloads, share ownership and infrastructure, and exhibit significant security flaws, including the collection of location data against privacy policies, outdated encryption methods, and hard-coded passwords that could compromise user traffic. One company manages all VPN servers for a second group of apps, while a third group is vulnerable to connection interference attacks. Notably, these VPN providers are connected to Qihoo 360, a Chinese company flagged as a potential national security threat, with ties to the Chinese military. The Tech Transparency Project reported that millions of Americans have downloaded apps that route internet traffic through Chinese companies, with one in five of the top 100 free VPNs in the U.S. App Store in 2024 being covertly owned by Chinese firms. Some VPNs have targeted younger audiences through social media ads, raising concerns about their marketing strategies. Qihoo 360 has been sanctioned and is on the Commerce Department’s Entity List, emphasizing the national security risks associated with these services. Users are advised to research their VPN providers to avoid affiliations with the Chinese Communist government.
"Scammers scamming other scammers" – This free Android VPN was caught using Windscribe-stolen servers
AppWizard
August 21, 2025

“Scammers scamming other scammers” – This free Android VPN was caught using Windscribe-stolen servers

A free Android VPN app called JetVPN, which has over one million downloads, was found to be using servers owned by Windscribe. Windscribe, a reputable VPN provider, discovered this in late July and subsequently blocked JetVPN's access. JetVPN then switched to using servers from Private Internet Access (PIA) after the block. Windscribe stated that JetVPN was abusing Windscribe accounts by sharing them through its app. PIA confirmed that it closed accounts that were exploited by a third party. JetVPN claimed it never intentionally used Windscribe's infrastructure and has since removed the compromised servers. The app is no longer available on the Google Play Store, where it had a five-star rating, as it is undergoing updates. Google has introduced a "Verified" badge to help users identify secure VPNs, but concerns about the quality control of apps on the Google Play Store persist.
Android VPN apps used by millions are covertly connected AND insecure
AppWizard
August 19, 2025

Android VPN apps used by millions are covertly connected AND insecure

Recent research from Arizona State University and Citizen Lab has identified connections among three families of Android VPN applications with over 700 million downloads, raising concerns about user privacy and security. The analysis revealed three groups of VPN providers: 1. Group A: Eight apps from three providers sharing identical Java code and libraries, exhibiting vulnerabilities such as: - Collecting location data against privacy policies. - Using weak encryption methods. - Hard-coded Shadowsocks passwords that could allow traffic decryption. 2. Group B: Eight apps from five providers supporting only the Shadowsocks protocol, sharing libraries and hard-coded passwords, with all servers hosted by GlobalTeleHost Corp. 3. Group C: Two providers with one app each, using a custom tunneling protocol and sharing similar code, vulnerable to connection inference attacks. The research highlighted significant privacy breaches, including undisclosed location data collection and vulnerabilities that could allow eavesdroppers to decrypt communications. Alarmingly, these VPN providers are linked to Qihoo 360, a Chinese company that has concealed this connection, raising concerns about potential data sharing with the government due to China's strict laws. Additionally, the Tech Transparency Project found that many free VPN apps on the Apple App Store are also linked to companies in mainland China or Hong Kong without disclosing these ties.
Beware – Iran-linked fake VPN apps found to spy on Android users
AppWizard
July 22, 2025

Beware – Iran-linked fake VPN apps found to spy on Android users

Researchers have identified a new spyware campaign targeting Iranian users of Android VPN applications, specifically a revamped version of DCHSpy, which disguises itself as legitimate VPN services like Starlink. This campaign began shortly after the Israel-Iran conflict and coincided with increased VPN usage among Iranians facing internet restrictions. DCHSpy can collect sensitive user data, including WhatsApp messages, contacts, SMS, files, location information, call logs, and has the ability to record audio and capture images. The spyware is maintained by the hacking group MuddyWater, linked to Iran's Ministry of Intelligence and Security, and has been enhanced with new functionalities. Malicious VPN services EarthVPN and ComodoVPN are being used to spread the malware, following the previous use of HideVPN. Experts warn that hackers are distributing malicious APKs through trusted platforms like Telegram, increasing risks for Iranian citizens. Security analyst Azam Jangrevi advises caution when downloading apps, recommending verified app stores and mobile security solutions to detect threats like DCHSpy. For high-risk professionals, she suggests using hardware-based security keys and vetted encrypted messaging applications.
How Free Android VPNs Improve HTTP Security in App Development (2025)
AppWizard
July 21, 2025

How Free Android VPNs Improve HTTP Security in App Development (2025)

The integration of a free Android VPN is essential for mobile application developers to protect sensitive communications by creating an encrypted tunnel between a user's device and a secure server. VPNs enhance HTTP security by encrypting data, making it unreadable to unauthorized entities. They use various encryption protocols such as OpenVPN, WireGuard, and IKEv2/IPSec to secure HTTP connections. Free Android VPNs are cost-effective for developers, allowing secure testing across regions, maintaining security during remote work, and protecting data integrity in app testing. While some free VPNs may compromise user privacy, reputable providers offer secure options with no-log policies. Five recommended free Android VPNs for developers in 2025 include X-VPN, Proton VPN Free, Windscribe, TunnelBear, and Hideme, each with specific features suited for secure app development. Best practices for using free VPNs include verifying VPN protocols, enabling a kill switch, regularly auditing security settings, and using dedicated VPN profiles for app testing.
Best VPN for Android 2025: NordVPN Voted Best of VPNs for Android
AppWizard
May 17, 2025

Best VPN for Android 2025: NordVPN Voted Best of VPNs for Android

NordVPN has been recognized as the Best VPN for Android in 2025, continuing its commitment to trusted VPN services since launching its Android app in 2016. The user interface has been redesigned for a streamlined experience, featuring a clean, map-based home screen and easy server access. It has received praise for exceptional speed on Android devices, attributed to its NordLynx protocol, and boasts over 7,000 servers in more than 100 countries for reliable internet access. NordVPN maintains a strict no-logs policy to protect user privacy and includes advanced security features like Threat Protection Lite. The app is optimized for battery efficiency and offers robust customer support, including 24/7 live chat. NordVPN's competitive pricing plans and various payment methods enhance its accessibility.
You can now verify Mullvad VPN's credentials
AppWizard
May 13, 2025

You can now verify Mullvad VPN’s credentials

Mullvad VPN has announced that its Android app builds are now reproducible starting with version 2025.2, allowing users to verify that the app is built from the open-source code published by Mullvad. Reproducible builds ensure that the published source code matches the distributed application and that no unintended modifications occurred during the build process. Mullvad encourages users to engage in the verification process, providing source codes and instructions on its GitHub page.
You can now verify if your Mullvad VPN app is legit
AppWizard
May 9, 2025

You can now verify if your Mullvad VPN app is legit

Mullvad has introduced reproducible builds for its Android VPN application starting with version 2025.2, allowing users to confirm the legitimacy of the app before installation. Reproducible builds ensure that identical copies of the application can be recreated from the same source code, build environment, and instructions, providing assurance against unauthorized modifications. This decision follows a rise in malicious free VPN applications and malware distribution through counterfeit software. Currently, only the latest version of Mullvad's Android VPN app features this capability, with no confirmed plans for other platforms. Mullvad encourages technically skilled users to verify the builds and has provided instructions for the verification process.
Best Android VPN for 2024
AppWizard
July 29, 2024

Best Android VPN for 2024

Selecting an Android VPN involves several key factors: 1. Privacy: Essential features include AES 256-bit encryption, a kill switch, DNS leak protection, a no-logs policy, and ideally, a provider in a privacy-friendly jurisdiction. Additional features to consider are Tor over VPN, ad and tracker blockers, multihop connections, and regular third-party security audits. 2. Speed: The VPN should minimize negative impacts on internet speeds for activities like streaming, downloading, and gaming. 3. Usability: The VPN should be user-friendly, with accessible features and direct support options. A robust server network is necessary for reliable connections and accessing geo-restricted content. 4. Cost: VPN prices vary, with monthly subscriptions typically ranging from to . Annual plans can offer savings, usually between and 0 per year. Free VPNs may compromise privacy, with Proton VPN being a recommended option. Many providers offer money-back guarantees from one week to 45 days and seven-day free trials through the Play Store.
Search