Seguridad

Personal data and logs leaked from free VPN apps

Beware of using free VPN (virtual private network) apps, as research by Comparitech and vpnMentor has found that a total of seven mobile VPN apps for Android and iOS have leaked up to 1.2TB of personal information.

The most curious thing is that the pages of some of these services promised to have military grade encryption and that they would not record any type of browsing activity of users, aspects that are far from reality, since records of browsing activities have been found along with personal identification data of users, including plain text passwords, on the server that all these applications have in common.

And is that this information is completely accessible without any type of protection on the server itself, without even the most elementary security measures, as expected in this type of service.

And, as they point out from vpnMentor, these applications seem to have the same application developer in common, considering these applications as white label applications, having a common code base and sharing the same infrastructure.

In fact, three of the pages of these applications have a fairly similar layout, and they even share the same recipient of payments, Dreamfii HK Limited. The applications in question are: UFO VPN, FAST VPN, Free VPN, Super VPN, Flash VPN, Secure VPN, and Rabbit VPN.

Slo Rabbit VPN has been removed from the Google Play Store. We will have to wait to see what steps Google takes with respect to the rest of the applications involved, taking into account that Google must offer greater security with respect to the applications that can be installed from the Play Store, the official application store for Android devices.