VPN apps Archives

AppWizard

July 22, 2025

Beware – Iran-linked fake VPN apps found to spy on Android users

Researchers have identified a new spyware campaign targeting Iranian users of Android VPN applications, specifically a revamped version of DCHSpy, which disguises itself as legitimate VPN services like Starlink. This campaign began shortly after the Israel-Iran conflict and coincided with increased VPN usage among Iranians facing internet restrictions. DCHSpy can collect sensitive user data, including WhatsApp messages, contacts, SMS, files, location information, call logs, and has the ability to record audio and capture images. The spyware is maintained by the hacking group MuddyWater, linked to Iran's Ministry of Intelligence and Security, and has been enhanced with new functionalities. Malicious VPN services EarthVPN and ComodoVPN are being used to spread the malware, following the previous use of HideVPN. Experts warn that hackers are distributing malicious APKs through trusted platforms like Telegram, increasing risks for Iranian citizens. Security analyst Azam Jangrevi advises caution when downloading apps, recommending verified app stores and mobile security solutions to detect threats like DCHSpy. For high-risk professionals, she suggests using hardware-based security keys and vetted encrypted messaging applications.

AppWizard

March 26, 2025

Google bolsters Android security for app developers and users

Google has announced a suite of improvements to enhance security within the Android ecosystem and the Google Play Store. Key advancements include: - Enhanced tools to protect businesses from scams and fraud. - Pre-review checks to identify policy and compatibility issues early in app development. - Transparent information on Google Play to build consumer trust. - Strengthened threat-detection capabilities using AI to combat malicious activities. Developers will receive earlier notifications about relevant policies within Android Studio, and the policy experience has been revamped for clearer updates and more time for changes. The Google Play Developer Help Community is expanding to facilitate knowledge sharing among developers. The Play Integrity API is being utilized for over 500 million daily checks to prevent fraud and abuse, with apps using these features seeing an 80% reduction in usage from unverified sources. Improvements for devices running Android 13 include enhanced security signals and automatic updates for developers. New badges for app categories, including a "Verified" badge for VPN apps, are being introduced to validate secure applications. Google is also focusing on creating a safe online experience for children and developing tools like the Credential Manager API for Digital IDs. Last year, investments in security measures prevented 2.36 million policy-violating apps from being published. Google Play Protect is evolving to counter new threats, and the company is collaborating with industry leaders to establish security standards through the App Defense Alliance.

AppWizard

September 29, 2024

Android warning: Your Google Chrome and VPN apps could be a malware-laced clones trying to STEAL from you

A new strain of malware called Octo2 is spreading across Europe, targeting Android phone users. Discovered by ThreatFabric, Octo2 disguises itself as popular applications like Google Chrome and NordVPN. Once installed, it allows hackers to control the device, capture on-screen activity, intercept messages, and log keystrokes, facilitating identity theft and phishing schemes. The malware is primarily distributed through unofficial app stores and currently affects users in Italy, Poland, Moldova, and Hungary, with potential for global spread. Octo2 is believed to be a successor to the original Octo trojan, which had a wide reach before its source code was leaked, prompting the development of Octo2. Users are advised to download apps only from the Google Play Store and remain vigilant about app permissions and developer credentials. Google Play Protect automatically protects Android users from known versions of this malware.

BetaBeacon

August 13, 2024

Free Android and iOS for a Limited Time

Android apps and games that are free for a limited time include MR RACER, Blessing Cash Knight, and Shadow Survival.

AppWizard

July 12, 2024

Maximizing mobile security: The best VPN apps for Android users in 2024

- VPNs for Android create an encrypted tunnel to protect personal information on public Wi-Fi and bypass geo-restrictions. - Top features for Android VPN apps include AES-256 encryption, no-logs policy, kill switch, split tunneling, and a broad network of servers. - Top VPN picks for Android in 2024 include NordVPN, ExpressVPN, Surfshark, and ProtonVPN. - Modern VPNs for Android focus on performance, usability, privacy, and security advancements. - Using a VPN is essential for Android users in 2024 to ensure privacy and security online.

AppWizard

June 19, 2024

Beware: Most VPN apps won’t work on Copilot Plus PCs (Updated)

- Private Internet Access (PIA) plans to launch an Arm version of its app, waiting on Microsoft for driver signing certificate. - ExpressVPN also working on a build for Windows Arm PCs, excited about Arm chips' performance. - Most VPN apps won't work on Copilot Plus PCs or Windows on Arm machines unless they have a native Arm build. - Workarounds for VPN problem include using browser extensions, Windows' built-in VPN system, or using a VPN on the entire network.

AppWizard

June 5, 2024

Free Android VPN Security Flaws: 100 Apps Tested

- HTTP Injector and Phone Guardian were the most concerning VPNs in terms of encryption. - HTTP Injector sometimes used outdated and insecure TLSv1 before switching to TLSv1.3. - Phone Guardian only encrypts HTTP sites when connected to untrusted WiFi networks, leaving details of HTTPS websites exposed. - At least 35 VPNs used sub-optimal 128-bit encryption instead of stronger 256-bit encryption. - 11 VPNs used AES-128-CBC for PRF instead of the stronger HMAC-SHA2-256. - 16 VPNs always used TLSv1.2 as the handshake protocol, with 2 using it some of the time. - Four VPNs were found using SSLv2 as the handshake protocol, an obsolete and vulnerable protocol. - Two other VPN apps used SSLv2 in a different and unusual manner, sending and receiving insecure connections.

AppWizard

April 30, 2024

Google blocked over 2 million dangerous Android apps from the Play Store last year

Google has prevented over 2 million Android applications from reaching users in the past year, ensuring a safer digital environment for smartphone owners.

AppWizard

April 29, 2024

Google rejected 2.28 million risky Android apps from Play store in 2023

Google has prevented 2.28 million Android applications from reaching the Google Play Store due to policy infringements.

AppWizard

April 2, 2024

Malicious Android apps facilitate device transformation into proxies

Nearly 30 VPN applications on Android devices were found to have a hidden threat, turning devices into residential proxies without users' knowledge. This allowed cybercriminals to conceal unauthorized activities under the guise of legitimate IP addresses.