Home / Technology / 281 Free VPNs Fail Security Tests
281 Free VPNs Fail Security Tests
13 Jul
Summary
- Many free VPNs leak data, track users, or use outdated encryption.
- Five free VPN apps can be hijacked over Wi-Fi through configuration file tampering.
- Over 80% of tested VPNs contact known advertising and tracking servers.
A thorough examination of 281 free Virtual Private Network (VPN) applications available on the Google Play Store has uncovered widespread security vulnerabilities. These apps, with a combined total of over 2.4 billion installations, frequently fail to protect user data as promised.
Researchers found that numerous VPNs leak data, track user activity, and utilize outdated encryption protocols. Five specific apps were identified as being vulnerable to Wi-Fi hijacking attacks. This exploit allows attackers on the same network to redirect user traffic to malicious servers without the user's knowledge.
Furthermore, the study revealed that 76 VPN apps transmit advertising IDs, while 246 contact known tracking servers, often sharing device-specific information. Analysis of OpenVPN configurations showed that only one app met all security requirements, with many employing weak encryption or disabling it entirely.
These findings echo previous investigations, highlighting a persistent issue with free VPN services. Users are advised to prioritize providers with recent, independent security audits and to be skeptical of claims like 'verified' or 'no logs'.