March 26, 2024 at 12:40PM
Multiple free VPN apps on Google Play were found incorporating a malicious software development kit, transforming Android devices into residential proxies for potential cybercrime and shopping bots. These apps, originally promoting as VPN software, utilized the Proxylib SDK to convert devices into proxies without users’ knowledge. Google has taken action to remove these apps from the Play Store, but caution is advised when utilizing free VPN apps.
Based on the meeting notes, here are the key takeaways:
– Over 15 free VPN apps on Google Play were found using malicious software to turn Android devices into residential proxies, possibly for cybercrime and shopping bots.
– Residential proxies route internet traffic through devices in homes, making the traffic appear legitimate, but cybercriminals use them for malicious activities.
– Some proxy services employ unethical means to install their tools on people’s devices secretly, hijacking internet bandwidth without users’ knowledge and potentially exposing them to legal trouble.
– A report by HUMAN’s Satori threat intelligence team listed 28 applications on Google Play that secretly turned Android devices into proxy servers, including 17 passed off as free VPN software.
– These apps were found to be using a software development kit (SDK) by LumiApps that contained “Proxylib,” a Golang library to perform proxying.
– The malicious apps may be linked to the Russian residential proxy service provider ‘Asocks’ and are now listed again on the Google Play store after potential removal of the offending SDK by the developers.
– Google has removed new and remaining apps using the LumiApps SDK from the Play Store in response to the report by HUMAN and updated Google Play Protect to detect the LumiApp libraries used in the apps.
– Users are recommended to update or remove the listed apps from their devices, and in cases where the app was removed from Google Play and no safe version exists, users should uninstall it.
Overall, it is advisable to use paid VPN apps instead of free services, as many free products may implement indirect monetization systems that pose security risks.