Whenever you install a VPN you should make sure that it is reliable. It is an application that can collect all kinds of personal data and put your privacy and security at risk. In this article we echo a fake VPN that has been stealing information from many users and was present on Google Play. We are going to explain what it is and how you can avoid this type of problem.
A fake VPN sneaks into Google Play
Specifically, it has been the group of SideWinder hackers who have managed to sneak this fake VPN into the Google Play store . And that is a serious problem, since generally this type of store is where there is less probability of encountering fraudulent programs as there is a filter.
This group has a great infrastructure to carry out different types of attacks and this time it is a fake VPN program. As indicated by Group-IB, they sneaked a fake Secure VPN application into the Google Play app store. Also, according to security researchers, the description of that VPN was a copy of NordVPN, which is one of the most popular.
When the victim launches this fake application, it makes a series of requests to domains that are apparently owned by the attackers. However, during the investigation those links were no longer available and they could not really confirm what the cybercriminals’ goals were.
But this group of cybercriminals has already acted in a similar way before. They have already managed to sneak in other fake apps and they were aiming to steal a lot of information . Among the data we can name the list of installed applications, location, device files, information from the phone’s sensors, camera, screenshots or steal information from Facebook, Twitter or Gmail.
Therefore, it is believed that the purpose of this fake VPN was basically all of these that we have mentioned. The attackers wanted to steal all kinds of personal data and send it to a server controlled by them. We are facing a major problem, since VPNs are precisely used to try to improve privacy when browsing.
How to avoid this problem
So what can you do to avoid falling victim to a fake VPN like this or a similar one? The most important thing is common sense and avoid making mistakes. Whenever you are going to install a program of this type, you should carefully observe the name, the rating and possible comments from other users. This will give you clues as to whether you are installing a known program that works well or, on the contrary, it may be a scam.
We also recommend always downloading applications from official sources and secure stores, although this is not always a 100% guarantee, as we have seen in this case. However, it is a first filter that you will be able to do so as not to fall into the trap of programs that appear on third-party sites and that may be false.
Another essential issue to keep in mind is to always keep your devices up to date. In this way you can correct possible vulnerabilities that may exist. One way to prevent hackers from using this type of application to take advantage of a bug that may exist.
In short, as you have seen, we are dealing with a fake VPN that managed to sneak into the Google Play store. It is important that you take into account the use of a VPN for your mobile, but that you always install them with total security and avoid problems.
