Shadowsocks Archives

AppWizard

October 10, 2025

Fake VPN and streaming app infects thousands of Android devices, drains bank accounts

Cybersecurity experts have warned Android users about the Mobdro Pro IP TV + VPN application, which has been identified as a means to distribute the Klopatra banking trojan. This trojan, first discovered in August 2025, is being spread through two active botnets, primarily targeting users in Spain and Italy, with nearly 3,000 confirmed infections. Klopatra allows cybercriminals complete remote access to infected devices, enabling them to read messages, steal login credentials, and execute fraudulent transactions. The malware exploits Android Accessibility Services permissions to carry out its activities. Mobdro Pro IP TV + VPN is distributed outside the Google Play Store, increasing users' vulnerability to such threats. Additionally, a VPN Transparency Report 2025 highlighted security risks in several popular legitimate VPN applications, indicating that some misrepresent their security protocols and may not provide adequate protection.

AppWizard

September 4, 2025

Popular Android VPN apps found to have security flaws and China links

A report by researchers at the University of Toronto’s Citizen Lab and Arizona State University reveals significant vulnerabilities in several Android VPN applications on the Google Play Store, indicating that many are owned by a Chinese company and mislead consumers about their ownership. The study analyzed the 100 most-downloaded VPNs not based in the U.S. and identified three families of providers with shared technical infrastructures and security flaws. Family A includes eight VPNs linked to providers like Innovative Connecting, which have a hard-coded key for Shadowsocks, allowing eavesdroppers to decrypt communications. Family B consists of six providers, including Global VPN, also using hard-coded passwords for Shadowsocks, raising concerns about anonymity. Family C includes providers like Fast Potato VPN, vulnerable to traffic manipulation attacks. The researchers suggest that the obscured ownership of these VPNs may be a strategy to mitigate reputational risks. They also highlight the responsibility of platforms like Google to vet the security of applications, noting that hosting insecure apps could damage Google's reputation. Users are advised to conduct thorough research and choose reputable VPN services.

AppWizard

August 22, 2025

Android VPN Apps Linked to Chinese Co (Qihoo 360) Tied to PRC

Recent investigations by Arizona State University and Citizen Lab have revealed that several popular Android VPN applications are linked to entities in mainland China and Hong Kong, raising security concerns. These apps, which have millions of downloads, share ownership and infrastructure, and exhibit significant security flaws, including the collection of location data against privacy policies, outdated encryption methods, and hard-coded passwords that could compromise user traffic. One company manages all VPN servers for a second group of apps, while a third group is vulnerable to connection interference attacks. Notably, these VPN providers are connected to Qihoo 360, a Chinese company flagged as a potential national security threat, with ties to the Chinese military. The Tech Transparency Project reported that millions of Americans have downloaded apps that route internet traffic through Chinese companies, with one in five of the top 100 free VPNs in the U.S. App Store in 2024 being covertly owned by Chinese firms. Some VPNs have targeted younger audiences through social media ads, raising concerns about their marketing strategies. Qihoo 360 has been sanctioned and is on the Commerce Department’s Entity List, emphasizing the national security risks associated with these services. Users are advised to research their VPN providers to avoid affiliations with the Chinese Communist government.

AppWizard

August 19, 2025

Android VPN apps used by millions are covertly connected AND insecure

Recent research from Arizona State University and Citizen Lab has identified connections among three families of Android VPN applications with over 700 million downloads, raising concerns about user privacy and security. The analysis revealed three groups of VPN providers: 1. Group A: Eight apps from three providers sharing identical Java code and libraries, exhibiting vulnerabilities such as: - Collecting location data against privacy policies. - Using weak encryption methods. - Hard-coded Shadowsocks passwords that could allow traffic decryption. 2. Group B: Eight apps from five providers supporting only the Shadowsocks protocol, sharing libraries and hard-coded passwords, with all servers hosted by GlobalTeleHost Corp. 3. Group C: Two providers with one app each, using a custom tunneling protocol and sharing similar code, vulnerable to connection inference attacks. The research highlighted significant privacy breaches, including undisclosed location data collection and vulnerabilities that could allow eavesdroppers to decrypt communications. Alarmingly, these VPN providers are linked to Qihoo 360, a Chinese company that has concealed this connection, raising concerns about potential data sharing with the government due to China's strict laws. Additionally, the Tech Transparency Project found that many free VPN apps on the Apple App Store are also linked to companies in mainland China or Hong Kong without disclosing these ties.

Tech Optimizer

August 7, 2025

The best VPNs with antivirus of 2025: Expert tested and reviewed

A virtual private network (VPN) combined with antivirus software provides enhanced security for online and offline activities by creating encrypted tunnels that protect privacy and mask online behavior. In the UK, users increasingly adopt VPNs to bypass strict age verification checks. Key benefits of using a VPN include IP address disguise, data encryption, and access to geo-restricted content. The best VPN with antivirus currently recommended is the Surfshark One security suite, which offers a robust VPN experience and effective antivirus capabilities. Other notable VPNs with antivirus features include NordVPN, Private Internet Access (PIA), and CyberGhost, each with unique strengths and pricing structures. Surfshark allows unlimited device connections, offers a seven-day free trial, and has a 30-day money-back guarantee. It features IP masking, automated antivirus protection, and a user-friendly app. NordVPN is known for high-speed performance and robust antimalware features, allowing up to 10 simultaneous connections. PIA offers customizable settings and unlimited connections, while CyberGhost is optimized for streaming and allows connections on up to seven devices. Each service has specific pricing, trial periods, and user ratings across various platforms.

Winsage

July 18, 2024

The Best Free Windows VPN of 2024

The text discusses the best free VPN services for Windows in 2024, including NordVPN, ExpressVPN, Private Internet Access, Proton VPN, Hide.me, and PrivadoVPN. These VPNs offer various features such as unlimited bandwidth, security protocols, and privacy protection. Some free VPN services to avoid are also mentioned, including those that store logs and have bandwidth restrictions.

AppWizard

April 26, 2024

PIA unveils revamped Android VPN app with Shadowsocks integration

- Private Internet Access has updated its Android VPN application with a focus on user privacy, adherence to accessibility standards, and a transition to a Kotlin codebase for better performance and reliability. - The update includes a more intuitive user interface, integration of Shadowsocks for enhanced security and privacy, and features developed in line with the latest Web Content Accessibility Guidelines. - The integration of Shadowsocks allows users to mask their connections, circumvent firewalls, and evade censorship, providing a stronger privacy shield. - The switch to a Kotlin codebase has led to faster feature rollouts and updates, increasing development speed significantly.

AppWizard

April 23, 2024

PIA Unveils New Android App – Redesigned for More Customization

- Private Internet Access (PIA) Android app has a new sleek user interface with a native dark mode. - The app now adheres to Web Content Accessibility Guidelines (WCAG) for improved accessibility. - The latest Android app from PIA offers more customization options, including home screen widgets and server sorting function. - Automation features allow users to define network rules for VPN connections. - The app now includes Shadowsocks for enhanced connection on restricted Wi-Fi networks. - The codebase of the app has been rewritten in Kotlin for faster development and feature integration. - PIA maintains transparency by making the new code open-source on GitHub. - Users have more control over their online privacy with the new app.