Hidden Links: Study finds 18 popular Android VPNs secretly linked and insecure

04Sep 2025 by alex No Comments

Hidden Links: 18 popular Android VPN apps secretly linked and insecure

A new peer-reviewed study presented at the Privacy Enhancing Technologies Symposium (PETS) finds that 18 of the 100 most-downloaded VPN apps on the Google Play Store are secretly connected in three large “families,” despite claiming to be independent providers. The study also discovered shared infrastructure problems and security flaws that put users at risk.

Key findings

  • 18 VPN apps were grouped into three families using evidence from business records, web presence and code similarities.
  • Family A: Turbo VPN, Turbo VPN Lite, VPN Monster, VPN Proxy Master, VPN Proxy Master Lite, Snap VPN, Robot VPN and SuperNet VPN — linked to providers (Innovative Connecting, Lemon Clove, Autumn Breeze) with ties to Qihoo 360.
  • Family B: Global VPN, XY VPN, Super Z VPN, Touch VPN, VPN ProMaster, 3X VPN, VPN Inf and Melon VPN — shared IP addresses and hosting.
  • Family C: X-VPN and Fast Potato VPN — different providers but very similar code and a shared custom VPN protocol.
  • All 18 apps used Shadowsocks with a hard-coded password, exposing them to server- and client-side takeover, eavesdropping and data injection attacks.

Why this matters

VPN users expect privacy and truthful disclosure of ownership and infrastructure. Hidden co-ownership and insecure implementations break trust and can expose browsing activity and personal data. App stores did not flag these relationships — many of the apps were listed as unrelated products.

Advice for users

  • Be cautious with free VPNs. Prefer reputable providers with clear ownership and paid-supported models (e.g., Proton VPN).
  • Vet a VPN’s privacy policy, jurisdiction, independent audits and whether it’s supported by a paid plan.
  • Remove any free VPN you can’t verify and consider using a trusted paid service for sensitive tasks.

If you want the original PETS study and further coverage, I searched for reputable sources and linked them in my research step — see the references below for more information.

References and further reading

  • (Links added from research step)

Did this change how you view free VPNs? Share your thoughts in the comments.

Leave a Reply

Your email address will not be published. Required fields are marked *

Diese Seite verwendet Cookies, um die Nutzerfreundlichkeit zu verbessern. Mit der weiteren Verwendung stimmst du dem zu.

Datenschutzerklärung