Everyone wants to be safe online, but what if the thing you think is keeping you safe actually puts you at risk? Google recently removed a popular VPN app named SuperVPN from its Play Store, after it was discovered that the service could allow hackers to redirect users to malicious websites.
SuperVPN has more than 100 million installs and appeared among the top 5 VPN search results in the Google Play Store. The VPN contains vulnerabilities that allow man-in-the-middle (MITM) attacks. This type of attack can expose messages sent between the user and the provider and redirect users away from genuine VPN servers.
Testing showed that the app also allows data to be delivered over HTTP, which is insecure. While the information passed between the user and the backend is encrypted, the decryption keys are stored within the app itself. This makes the keys an easy target for hackers, who can use them to decrypt intercepted traffic, which in turn makes users an easy target. The app has drawn attention multiple times over its suspicious methods, and its origin remains unclear.
SuperVPN was first identified as a security threat back in 2016, when Australian researchers ranked it third in an analysis of the most malware-rigged VPN apps. They suggested that the app had been posing risks to users ever since it landed in the Play Store. By that time, the app had been downloaded 10,000 times.
Since January, the app's user base has doubled to 100 million. The flood of installs could also be due to manipulation of the Google Play Store search rankings. The publisher has recently flooded its page with many fake reviews from hidden users. It also generated illicit backlinks to secure a good position in Google rankings.
The millions of users who have downloaded the app have been advised to delete it ASAP.