The goal of today’s commercial VPN services is to safeguard your privacy and keep digital trackers at bay, among other things. To achieve that, they allow you to use a VPN connection for online security, which means that (at least in theory) VPNs have access to your sensitive data.
That's why knowing who owns the VPN you use is crucial. However, finding that information is often close to impossible, as VPNs frequently hide their actual owners through complex legal schemes. That's precisely why we wanted to answer the question of who owns the most popular VPN services and companies in 2024.
That said, TechNadu’s team deeply delved into corporate relationships between individual VPN brands to "expose" their actual owners. And as you're about to find out, a handful of companies own dozens and dozens of VPNs.
In this article, we reveal the actual owners of over 50 VPN services. We also explain why it's essential to know who owns your VPN, discuss various VPN ownership types and the risks of unclear VPN ownership, as well as answer some pressing FAQs.
Understanding who owns your VPN is crucial for numerous reasons, as it directly concerns your safety and privacy. After all, you're using an app that can process everything you do online, and you wouldn't want someone to misuse your highly sensitive information. Let's go over some of the most critical points of why knowing who is behind your VPN is essential.
VPNs can be owned by business entities that hide behind their parent companies. So, if such a VPN claims that your privacy is safe and that your data is shared only with its parent company, that doesn't mean much. In that setup, the parent company can do anything with your data, like share it with third-party buyers and governments.
Imagine that the parent company of your VPN is from China, a country without rigorous data security and privacy practices. Without your knowledge, your browsing (VPN) data could end up in China, and it would be impossible to know whether any third parties will gain insight into what you do online.
Again, if you're unaware of your VPN's parent company, you can't be aware of the security of your data. Your VPN might use high-end protective measures to prevent malicious actors from hacking into its servers, but the question is, what goes on when your data is transferred to another company? What measures does that company take to prevent unauthorized third-party access?
Hacking is just one of the possible concerns in this case. We've seen VPN providers collect data for various purposes, incorporating malicious trackers, selling personal data to companies who operate phishing schemes, and even reselling Internet bandwidth.
Until a few years ago, we've seen plenty of competition in the global VPN market. However, that changed once a handful of powerful companies started buying individual VPN services, which is clearly seen as counterintuitive and anti-competitive. By buying their way into the global VPN market, those companies gained the power to make VPNs much less competitive than before.
We've also seen companies go one step further. In addition to buying VPN providers, there were cases of acquiring media companies as well. That's why you must be very careful with VPN review sites, as some of the biggest ones share the same parent companies as some big-name VPN brands.
As mentioned above, it's not unusual for the same company to own multiple VPN brands, a relatively new trend in the VPN industry. However, this is where we come to the point of conflict of interest. Instead of merging those VPN providers, they're left separate to cater to different types of users, budgets, and priorities.
In most cases, those VPNs are merged in the background. That means they might share the same infrastructure and data-processing technologies. So, instead of striving for transparency, we can see an effort to separate individual VPN brands, even though they're not separate in practice.
Knowing where your VPN's parent company is headquartered can tell you a lot about its intention to protect your data. That's because each country treats personal data differently, and we also have unions and alliances that impose data retention and data protection laws. For example, the European Union is an excellent example of today's effort to prevent unneeded data logging.
Picking a VPN based in a country known for non-intrusive laws is a good starting point. However, you'll also want to know whether that country is part of any alliance through which data intelligence is shared.
A VPN that prioritizes user privacy and transparency won't have anything to hide. That applies to its ownership structure, data logging policies, the location of its headquarters, and possible connections to other VPN providers. That said, checking the level of transparency is usually a foolproof way to identify independent providers.
On the other hand, we have VPNs with vague privacy policies and confusing "About Us" pages, which can usually point to certain red flags.
VPNs owned by large corporations and conglomerates are more difficult to hold accountable for privacy breaches or unethical practices. Due to their complex ownership structure and hard-to-understand legal background, those VPNs can more easily bypass legal obligations in case of a breach.
In addition to being more transparent, independent VPNs are typically more open regarding their ethical standards. Also, they're usually more proactive in the case of a data breach, which we've seen happen before.
Today, we have independent and corporate-owned VPNs. However, there's also plenty of movement in the VPN industry, where individual providers can get acquired by larger ones or when two or more VPNs merge into one.
In this group, we have fully independent VPNs. They usually provide the highest level of transparency and the most easy-to-understand privacy policies. Since they're not owned by a corporation, their revenue directly depends on the relationship with their customers. They're also usually the first to go through independent audits to prove the privacy and security of their infrastructure.
We don't have too many examples of truly independent VPNs today, as mergers and acquisitions happen quite often. A good example is Mullvad, which comes from Sweden. However, even though it's one of the most trustworthy VPNs, its independent status means it's slow to roll out new features. We also have Proton VPN, which comes from Proton AG, a Switzerland-based company.
When searching for a VPN online, you'll most likely encounter corporate-owned VPNs, such as IPVanish, ExpressVPN, CyberGhost VPN, and more. They're owned by corporations whose operations stretch far beyond the VPN industry. Even though they come with complex legal backgrounds, many remain true to their no-logs policies and feature various degrees of transparency.
A corporate-owned VPN isn't necessarily a thing to avoid. It's still possible to find a trustworthy provider dedicated to preserving its users' privacy, even though another large company owns it. On top of that, since they have multiple funding channels, they typically offer large server networks and high-end specifications, and they're often very quick to develop new features.
This group contains VPN providers that have decided to combine their power and share resources to stay competitive in today's crowded VPN market. In most cases, this benefits their users, who get access to bigger server networks and more advanced features. However, mergers also create legal issues, as they affect terms of use and might change legal conditions.
For example, we have Ivacy, which recently merged with PureVPN, where the VPN's existing users were transferred to the new VPN provider. In that process, no legal conditions were changed, but as you'll find out soon, there are reports that Ivacy and PureVPN were owned by the same company from the start.
As per our findings, the companies that own the biggest number of VPN brands right now are AURA, Ziff Davis, Kape Technologies, ActMobile Networks, Gaditek, NortonLifeLock, Innovative Connecting, and SuperSoftTech.
The following table gives a glimpse into which VPNs are owned by the previously mentioned companies while also highlighting the location of their headquarters.
Nord Security comes from Lithuania, and it was co-founded in 2012 by Tom Okmanas and Eimantas Sabaliauskas. Initially known as "NordVPN," which was the company's only product back in 2012, Nord Security (Nordsec Ltd.) became the company's new name in 2017. However, NordVPN's early years were connected to several additional companies.
First, there's Tefincom, a company registered in Panama to serve as NordVPN's parent company. This country wasn't chosen by accident; it served as a privacy-friendly jurisdiction, allowing NordVPN to make its no-logs claims, which remain active to this day. That company's president, director, and legal representative is Marios Papoloizou, which is a name connected to another country as well.
More precisely, Marios Papoloizou's name is connected to another company of the same name (Tefincom S.A.), registered in Cyprus. This creates confusion, as three countries (Lithuania, Panama, and Cyprus) are mentioned when discussing NordVPN's ownership. However, as per NordVPN's legal documents (which have been pulled offline in the meantime), it's said that NordVPN falls under the jurisdiction of Panama; its attorneys are in Cyprus, while its employees are in Lithuania.
Panama and Cyprus are also very interesting locations for companies who wish to avoid paying high taxes in their home country. Of course, we can't claim that's why Nord Security has ties to those two countries, so we can only make assumptions in that sense.
Also, there's Tesonet, a tech company from Lithuania founded by Tom Okmanas to provide initial infrastructure support to NordVPN. As per the company's "About Us" page, Tesonet is the creator or investor in 30+ global products and hires more than 3,200 individuals. That said, we can find something interesting when we check the company's portfolio.
Among the brands owned by Tesonet are Nord Security, Surfshark (another hugely popular VPN, which we'll tell you more about soon), and digital products such as Oxylabs and Smartproxy. Those two are proxy providers that can be used for web scraping, price monitoring, AI development, brand protection, cybersecurity, and more. They work by allowing individuals and companies to buy a certain number of proxies (IP addresses).
In other words, Oxylabs and Smartproxy are similar to NordVPN and Surfshark, as they're designed to re-route your traffic, but for two opposite purposes. While NordVPN and Surfshark protect your privacy and encrypt your traffic, Oxylabs and Smartproxy change your IP address and allow you to scrape publicly available data. We can only hope that those companies don't work together in the background.
Previously, we also mentioned Surfshark. In 2022, Surfshark announced a merger with Nord Security. This VPN provider was developed under Tesonet and became an independent company headquartered in the British Virgin Islands. Upon merging with Nord Security, it moved its headquarters to the Netherlands but remained separate from NordVPN. Upon merging, the two VPNs made no changes to their Terms of Use, Terms of Service, or privacy policies.
In the end, we'll say that NordVPN and Surfshark remain our top-rated VPN providers despite their complex legal backgrounds. They both go through regular independent audits by highly reputable cyber-sec companies, frequently update their offers with new features, and remain highly transparent.
Key Takeaways:
Kape Technologies, which was previously known as Crossrider, was founded in 2011. As you can see from Crossrider’s archived website, the company's primary goal was to allow developers to create cross-browser extensions. Another aspect of Crossrider was its connection to ad marketplaces, allowing developers to monetize their software creations. In most cases, those were ad-based revenue streams, with Crossrider receiving a portion of the developers’ revenues.
Soon after reaching its peak of popularity, Crossrider's technology was used by over 60,000 developers. This was when issues started to appear, with malicious actors developing extensions for serving harmful code in intrusive ways. As noted by Krebs on Security, the first wave of Crossrider malware was highly successful, paving the way for various malware strains that still operate even today. In the meantime, cyber-sec companies like Malwarebytes, Microsoft, and Sophos started talking about Crossrider, tarnishing the reputation of Kape’s predecessor.
In the meantime, Crossrider acquired companies such as Ajillion, Definiti Media, and Reimage. The first two were related to cloud-based and performance-based ad networks. However, Reimage continues to exist, being an application for repairing Windows PCs (often being accused of using "false positives" to persuade individuals into paying for software repairs). Applications like Restoro and DriverFIX also became part of Crossrider, focusing on system optimization of Windows PCs.
Then, in 2017, Crossrider took a very unexpected turn, deciding to focus on cybersecurity. The first VPN brand that Crossrider acquired was CyberGhost VPN, for approximately $10.4 million. Soon after, the company decided to change its name to Kape Technologies to start from scratch and cut any connections to various Crossrider malware breeds, trying to build a trustworthy brand reputation.
In 2018, Kape Technologies acquired ZenMate VPN, a German VPN service, for $5.5 million. And in 2019, Private Internet Access VPN was acquired for $95 million. In the meantime, ZenMate VPN merged with CyberGhost VPN. However, Private Internet Access grew substantially, positioning itself as a more advanced VPN that remains based in the US.
Just recently, Kape Technologies revealed its most significant foray into the world of VPN services by deciding to acquire ExpressVPN for more than $936 million. This was undoubtedly a major investment for Kape, whose revenue in the first 6 months of 2021 was $95.5 million (recurring revenues amount to $59.1 million).
However, it's also interesting to note that Kape Technologies became the latest owner of Webselenese in March 2021. That company owns several software review websites, with vpnMentor and WizCase leading the pack. Naturally, this seems like a highly problematic action, as both were independent sites previously. Once Kape Technologies became the new owner, both of those websites went through interesting changes.
For example, upon checking an archived page of vpnMentor from 2020, we saw that the following VPN services were recommended – (1) NordVPN, (2) ExpressVPN, (3) Surfshark, (4) CyberGhost VPN, and (5) Private Internet Access. However, that’s no longer the case as the top 3 VPNs as per vpnMentor are (1) ExpressVPN, (2) CyberGhost VPN, and (3) Private Internet Access – all three of which are now under Kape’s ownership.
Finally, we also need to tell you that Kape’s biggest shareholder is Unikmind Holdings Limited, which has 61.18% of total voting rights. The beginnings of that company are not known. As far as we can tell, Unikmind Holdings was first mentioned in 2017, related to a transfer of share capital from Solidinsight Trust to Unikmind, whose sole beneficiary was and still is Teddy Sagi.
Teddy Sagi was one of the leading investors in Crossrider, alongside Koby Mehachemi, who acted as the company's CEO until 2016 when Crossrider lost 60% of its value.
Sagi has a colorful background. In his 20s, he was caught manipulating bond prices, spending nine months in jail for "grave deceit, bribery, and insider trading." However, he earned his wealth via Playtech, an online casino software provider from Estonia. Relatively recently, he escaped an assassination attempt in Cyprus due to "debts he owes to Russian business partners."
Key Takeaways:
AURA’s complex story begins with a company called WC SACD One Parent, Inc. (registered in Burlington, Massachusetts, the USA, and still in operation), a joint venture entity formed by iSubscribed, WndrCo, and General Catalyst. In 2018, WC SACD announced its plans to acquire Intersections Inc., known for its security platform called Identity Guard. That acquisition aimed to integrate Identity Guard with Intrusta, a cybersecurity tool (antivirus) owned by AURA. That acquisition was completed in January 2019.
In July 2019, five months after the Intersections Inc. acquisition, iSubscribed and Intersections announced a combined business entity called AURA. At that time, AURA’s primary focus was on personal identity protection and digital security services, including antivirus software, detection and removal of ransomware and spyware, social media insights reports, monthly credit scores, and similar.
It didn’t take long for AURA’s initial focus to become broader, starting to include VPN services. The first signal of that was AURA’s acquisition of Pango, which happened in July 2020. Before that, AURA acquired FigLeaf and Privacy Mate, digital services that monitor and "prevent the collection, sale, and dissemination of your private information."
Upon further investigation, TechNadu’s team discovered that Pango’s former name was AnchorFree, which was heavily associated with Hotspot Shield VPN. The relationship between AURA and Pango began long before the acquisition took place. More precisely, AnchorFree reported in 2018 that WndrCo agreed to invest $295 million to further product development and market expansion. As mentioned above, WndrCo was one of the three entities to have formed WC SACD One Parent Inc., alongside iSubscribe, which would later become AURA.
If we take a look at WndrCo’s portfolio, we'll see that many companies and products are mentioned, with 1Password being on that list as well. We can make an interesting connection there, as Hotspot Shield VPN used to offer 1Password as part of its subscription. That doesn't have to mean Hotspot Shield and 1Password are sharing any data. However, since the same company/investor is in the background, this gives us an idea of why and how using a genuinely independent VPN service has become imperative these days.
We'd also like to take a slight detour here and remind you that Hotspot Shield has never been known as a trustworthy VPN service. In 2016, academics cited the VPN in a research paper for using aggressive tracking libraries. In 2017, the VPN was accused of unfair and deceptive trade practices. And in 2018, it was discovered that Hotspot Shield contained a flaw exposing VPN users and their locations. All of that was before AURA acquired that VPN brand.
In its announcement of the Pango acquisition, Hotspot Shield was mentioned as Pango’s premier VPN service. However, what wasn't said is that Pango owns several smaller VPN brands, such as Betternet, Ultra VPN, VPN 360, Touch VPN, VeePee VPN Proxy, VPN in Touch, and Hexatech VPN & Proxy.
Many of the previously mentioned VPN services continue to operate, even though they look identical. What's problematic here is that many of those VPNs try to hide the fact that a corporation, such as AURA, owns them. For example, if we check Betternet’s website, we’ll see that it says 'Betternet LLC Inc.' at the bottom of its home page.
However, once we go to Betternet’s terms of service, we see that 'BetterNet Software' and 'Pango' are specified. There's no mention of AURA or any other corporate relationship that might influence how personal data might be collected and processed.
We have one more interesting example. If you check Ultra VPN’s website, you'll find plenty of rather general descriptions of the VPN without ever mentioning which company owns it. Once you navigate to Ultra VPN’s terms of service, you’ll see that you’re entering a legal contract with "Intersections Inc., AURA, or its affiliates."
AURA’s and Pango’s reach goes beyond the VPNs owned by those brands. As an example, we’ll mention Bitdefender Premium VPN. If you click on the provided link, you’ll be taken to TechNadu’s review, where we noted that Bitdefender uses Pango’s infrastructure for its VPN service, which raises the question of privacy and safety of its paying customers.
Finally, it’s worth noting that AURA’s privacy policy sounds reassuring, at least regarding its VPN services. The company says that it doesn’t collect VPN browsing activities that can be traced back to you. Also, AURA doesn’t inspect the contents of what you browse, view, or do through the company’s VPN services. Instead, only anonymous and aggregated information is collected. Only time will tell whether the company is taking its legal documents seriously.
Key Takeaways:
Ziff Davis is one of the biggest business entities in today's tech world, as it owns a considerable number of brands related to shopping, entertainment, health, and cybersecurity. However, before we start exploring this company, know that Ziff Davis was previously known as J2 Global Inc., which completed its separation into two companies in October 2021. That's how J2 Global became Ziff Davis, while Consensus is now a separate tax-free spin-off.
Ziff Davis’ foray into the world of VPNs started with its acquisition of StackPath, in July 2019. More precisely, Ziff Davis acquired Highwinds Capital and Cloak Holdings from StackPath, getting access to brands such as IPVanish and Encrypt.me (previously known as Cloak). It’s interesting to note that IPVanish started as an independent VPN service created by Highwinds Network Group before being acquired by StackPath. Encrypt.me (Cloak) has been developed by StackPath from the beginning.
However, StackPath’s Highwinds Network Group isn’t the only VPN company owned by Ziff Davis - here’s where NetProtect comes into play. It’s unknown whether NetProtect was founded as a subsidiary of J2 Global or whether an acquisition happened, but if we check NetProtect’s official website, we see that J2 Global owns it. More interestingly, that company claims to hold a number of VPN brands, such as IPVanish, Encrypt.me, SaferVPN, and StrongVPN.
At one point, J2 Global acquired a relatively small and up-and-coming VPN called Buffered VPN. As reported by our team in 2019, Buffered VPN ceased its operations after agreeing to be merged with Encrypt.me. This is where we’d like to point out a highly unusual situation regarding Buffered VPN, as one of its owners used to be Pete Zaborszky, who was also in charge of a hugely popular VPN review website (BestVPN.com).
In the meantime, BestVPN.com changed its name to ProPrivacy.com and is still operating. Considering that Buffered VPN is now part of J2 Global, this raises the question of that company’s relationship with ProPrivacy, which claims to be independent. As you're about to find out soon, J2 Global owns several media companies and hugely popular websites.
With that said, it's evident that NetProtect absorbed VPN products from StackPath, while also managing to add a couple of additional VPN services on its own. However, NetProtect’s website hides the fact that more VPNs are involved. And this is where the story of StrongVPN continues.
As per StrongVPN’s legal documents, the VPN is owned by Strong Technology LLC, based in Seattle, the United States. That’s a subsidiary of J2 Global, which is now called Ziff Davis. At one point, StrongVPN started to expand, acquiring ibVPN. Since then, ibVPN ceased its operations, and the VPN’s customers and technology merged with Strong VPN.
The same happened with SaferVPN, which is no longer operational. Also, the same applies to Encrypt.me (after absorbing Buffered VPN) and Overplay VPN, both of which no longer operate on their own.
We also need to mention another digital product NetProtect offers, called WLVPN. That white-label VPN solution provides backend coding, network engineering, and global VPN infrastructure to other businesses. So, for example, if you decide to launch your own VPN business, you can use WLVPN and its entire infrastructure instead of building its own.
WLVPN used to list only four VPN brands on its 'Partners' page: StrongVPN, OverPlay, Encrypt.me, and VPNhub. Three of those are owned by WLVPN’s parent company (NetProtect/Zeff Davis), while VPNhub comes from the creators of Pornhub. A quick online search also reveals that Namecheap's VPN uses WLVPN, as it instructs its users to rely on WLVPN’s domains. If you’re not confused already, we’ll also add that Namecheap VPN is now called FastVPN.
Also, lesser-known VPNs such as Tweaknews VPN, Easynews VPN, PrivadoVPN, and Newshosting Usenet rely on WLVPN. Needless to say, that list doesn’t stop there.
Let’s not forget that Ziff Davis also owns media companies and online portals such as PCMag, Mashable, ExtremeTech, and IGN. Regarding their VPN reviews, they seem to be on the objective side, at least for now. And lastly, it's worth mentioning that ZDNet, another hugely popular website, was founded by Ziff Davis in the 1990s (ZDNet – Ziff Davis Net). However, that website is no longer under Ziff Davis' ownership.
Key Takeaways:
Proton AG, formerly Proton Technologies AG, is a fantastic example of a private company that values total transparency. As such, it should serve as an example in the VPN industry. It was founded in 2014 by a group of scientists who met at CERN (the European Organization for Nuclear Research), which is the same year that Proton Mail, an encrypted mailing service, was launched. Even today, Proton Mail is the company's flagship product, used by individuals, journalists, and activities around the world.
In 2017, Proton AG launched Proton VPN after over a year of crowdfunding. It instantly became popular due to its free-of-charge tier as an answer to certain countries' blocks of Proton Mail. Over the years, Proton VPN became open-source, audited by independent cyber-security companies multiple times, and the lifeline for users in countries with heavy censorship.
Aside from Proton VPN and Proton Mail, this company now offers additional products, including Proton Calendar, Proton Drive, Proton Pass, and Proton Wallet. In 2022, Proton AG acquired SimpleLogin, an open-source service that allows users to use email aliases to protect their privacy. In 2024, the company acquired Standard Notes, an end-to-end encrypted note-taking application, integrated into Proton's existing suite of apps in the following months.
What's important to mention is that Proton AG doesn't hide behind offshore companies. It comes from Switzerland, a country with a strict rule of law. Due to that, it risks being held legally accountable for breaches of user privacy or false advertising. Furthermore, Swiss laws prevent companies from unauthorized sharing of user data, including those of foreign intelligence agencies. All in all, Proton VPN has an incredibly strong legal background.
We'll also add that the primary shareholder of Proton AG is the Proton Foundation, a Swiss non-profit without any shareholders. That separates Proton AG from individual financial interests while being aligned with the Foundation's goals of investing in developing technologies that promote privacy and security on the Internet.
Furthermore, Proton AG employees own the vast majority of shares that the Proton Foundation does not hold. The remaining shares are held by FONGIT (Fondation Genevoise pour I'Innovation Technologique), a Swiss non-profit organization that supports entrepreneurs. In the past, Proton AG benefited from support from Innosuisse (the Swiss Federal Innovation Agency) and the European Commission, but those organizations don't hold any shares.
Key Takeaways:
If you visit Gaditek’s site, you'll find plenty of highly interesting and somewhat contradicting information. For example, the company says that it owns 4 brands and has over 700 employees. However, upon checking the company’s ‘Our Impact’ page, we see that six brands are listed. Among those is PureVPN, where the story of Gaditek’s highly problematic practices starts to unfold.
Upon checking PureVPN’s terms of use, we can see that Gaditek isn't mentioned. Instead, once you subscribe to this VPN, you enter an agreement with GZ Systems Limited, which used to be based in Hong Kong until recently. In 2020, there were plenty of changes in Hong Kong due to China’s new ‘National Security Law,’ which created many issues for VPN services and other tech companies.
As a response to those events, GZ Systems Limited is now a company based in the British Virgin Islands, which is seen as a privacy-respecting territory, paving the way for many VPN companies to move their headquarters to that exotic location. On the outside, everything about PureVPN seems excellent, as the VPN promises not to log your data while promoting a huge number of highly advanced features at incredibly affordable prices.
However, an interesting event that happened in 2017 revealed that PureVPN wasn’t honest about its policies. More precisely, the VPN assisted the FBI in catching a cyberstalker. As it turned out, PureVPN used to log IP addresses and associated timestamps, which turned out to be more than enough to identify someone. At that time, PureVPN claimed not to collect any logs, which clearly turned out to be false.
We also need to inform you that PureVPN seems to have learned a lot since that incident. In 2019, the VPN went through an independent audit conducted by Altius-IT. Since it’s now based in the British Virgin Islands, there could be a possibility that PureVPN no longer logs any personally identifiable data.
Now, let’s return to Gaditek. After years of rumors that Ivacy VPN and PureVPN were created by the same company, Ivacy finally admitted that connection in 2019. If you click on the provided link, you’ll be taken to a blog post published by Ivacy, which is doing its best to minimize any possible impact of its connection with PureVPN.
Everything about Ivacy is shrouded in mystery. You won't find plenty of information about its founders, development path, or anything similar. In one instance, an Ivacy spokesperson mentioned 'Saad Khan' as Ivacy’s CEO. As rumored online, that might be Muhammad Saad Khan, who is employed by Gaditek and associated with Cloudways, a Gaditek-owned brand. On Twitter, you can find him recommending PureVPN quite often.
We know that Ivacy VPN claims to be owned by 'PMG Pte,' a company based in Singapore. However, trying to find any additional information about that company is futile. We managed to find PMG's address, but that's pretty much it. Also, we came across an interesting Reddit story of how Ivacy’s representatives tried to bribe a review website to get a favorable score.
The proof of the connection between Ivacy and Pure VPN came in 2024 when the two VPNs finally merged. Ivacy remained a separate brand, but it started using Pure VPN's infrastructure. Also, all of the existing Ivacy users were migrated to Pure VPN.
To identify any other VPN products made by Gaditek, we stumbled upon the LinkedIn profile of Uzair Gadit, who’s not only one of Gaditek’s co-founders but also the CEO of PureVPN and one of Kill Ping's co-founders. Kill Ping isn't exactly a VPN service, but it uses similar technology to manipulate your data to reduce ping times when playing games.
We also need to mention that OneVPN was also presented online as a VPN app made by Gaditek. However, it appears that OneVPN is no longer operational. As per the VPN’s Twitter profile, that digital service came from Hong Kong, which was the case with PureVPN until recently. So, even though we can’t verify that connection, there are reasons to believe that OneVPN used to be a Gaditek-made product as well.
Our LinkedIn search for employees who could connect Gaditek to additional VPN services led us to Muhammad Wasim, a full-stack engineer. His LinkedIn profile mentions that he currently contributes to PureVPN, but he also mentions a next-gen VPN service called Atom. As it turned out, Atom is a service by a company called Secure.com, whose official website places its headquarters in Switzerland. However, its connection to Gaditek is clear, as Secure.com’s founder is none other than Uzair Gadit.
Atom by Secure.com acts as a white-label VPN service, which means that just about anyone can use its infrastructure to create their own VPN application. Atom's website mentions PureVPN and Kill Ping as its customers. With that said, we can't know with certainty what other VPNs use Atom's (Gaditek’s) services, but there’s a reason to believe that Gaditek’s reach is even more expansive than it might appear.
In the end, we’d like to remind you that Gaditek is based in Karachi, Pakistan. As you already know, Pakistan is known for its strict regulation of the Internet. As reported by Privacy International, that country is in possession of tactical communications surveillance tech. Also, Pakistani data processing companies are bound by data retention requirements. And finally, this country’s government is known for blocking social media access and requiring individuals to register their use of VPNs.
Key Takeaways:
As you’re about to see, companies that own multiple VPN brands don’t have to be international corporations, even though that’s most often the case. This is where we’d like to introduce you to ActMobile Networks, which offers a range of VPN services used by over 75 million individuals, as reported on the company’s official website.
According to ActMobile’s CrunchBase profile, this is a US-based company founded in 2011 by serial entrepreneur Andrew Foss and former Seagate executive Tim Bush. Interestingly, very little is known about Foss and Bush, as they don't even have LinkedIn profiles. However, we know that ActMobile acquired Colimetrics Software (from India) in an all-stock deal in 2014.
So, let’s return to ActMobile’s VPN-focused business. The company's site heavily emphasizes its while-label service without explaining its infrastructure, what it offers, or saying anything about its existing clients. Upon further investigation, TechNadu’s team discovered an archived page of ActMobile’s website featuring Dash VPN alongside two other apps called Dash Net and Dash Browser.
As it turns out, Dash VPN has a website, and it appears it's an active VPN. Strangely enough, the VPN is actually called VPN Dash (last updated in May 2021) on the Google Play Store and iOS App Store. In the past, ActMobile's Play Store profile also listed another VPN, Dash Net Accelerated VPN, which is no longer available for download.
However, Dash VPN isn’t the only VPN owned by ActMobile Networks. The company’s official website says that ActMobile powers "one of the largest VPN services on the planet." That VPN network is called FreeVPN.org, which also acts as a white-label service.
Of course, since the same group of individuals operates it, we can see many similarities between ActMobile and FreeVPN.org. More precisely, we’ve discovered that FreeVPN.org operates Free VPN (yes, we understand how confusing all of this sounds), which is available for Android, iOS, and macOS. And finally, that same company used to operate VPN Pro.
Upon trying to find additional VPNs that might be related to FreeVPN.org, we stumbled upon Unicorn VPN. Even though FreeVPN.org or ActMobile are never mentioned on Unicorn VPN’s website, all three share practically identical websites, identical privacy policies, and terms of use.
Of course, that’s not where the story of ActMobile ends. Our team also discovered another company registered at the same address in Pleasanton, California – called Open-VPN.org. That company operates VPN Owl (Android, iOS), VPN US (iOS), Messenger VPN (iOS), Video VPN (iOS), and Snap VPN (Android).
We’re sure you’re at least slightly confused by now. So, to summarize, the following are the VPNs owned by the same group behind ActMobile: Dash VPN, Dash Net Accelerated VPN, Free VPN, Unicorn VPN, VPN Owl, VPN US, Messenger VPN, Video VPN, and Snap VPN. Therefore, nine VPN services in total.
What's problematic is that some of those apps have thousands of reviews on Google's and Apple's app stores, meaning many individuals still use them. Those VPNs come with highly problematic privacy policies, promising not to collect a single file about you. However, many of those can be used for free by watching ads. For something like that to happen, at least some data must be collected.
The story of ActMobile Networks should serve as a warning sign to stay away from free VPNs. Aside from leaking your sensitive data, free VPNs abuse your privacy by actively collecting your browsing history and more. That said, it’s worth spending at least a couple of dollars per month on using a well-known VPN brand.
Key Takeaways:
In case you ever searched online for an antivirus application, you've probably stumbled upon Avast. That is one of the best-known cybersecurity brands, offering an incredibly wide range of apps designed to protect you and your digital devices from online threats. With that said, it's no wonder that Avast owns a VPN as well, called Avast SecureLine VPN.
In our review of SecureLine VPN, we said that Avast’s VPN solution lacks many features found in its competitors. On top of that, we have to mention that Avast was one of the first companies to have removed its servers from Hong Kong, which happened in 2020 when the privacy of a considerable number of individuals was at stake. However, that's not where this company's VPN focus ends.
This is where we’d like to introduce you to a VPN called HideMyAss (also known as HMA). That VPN’s 'About Us' page tells a "story" about Jack Cator, who founded HMA in 2005, wanting to offer a digital service that protects individuals on the Web. On that page, it’s also said that "providing privacy means providing transparency" – but that’s precisely what HMA lacks.
HMA’s page that lists all of its legal documents will ask you to read thousands and thousands of highly complex sentences. If you look hard enough, you'll see that Avast (Avast Software SRO) is the actual owner of HMA.
That same VPN was caught logging data despite claiming that it offers a no-logs policy. It was happy to work with the FBI to provide details about one of its users (starting 2020, HMA once again claims to offer a no-logs policy). Also, when things started to become problematic for VPN users in Russia, HMA was perhaps the first VPN to cease its operations in that country.
Now, we'd like to introduce you to AVG Secure VPN. That used to be an independent VPN until 2016 - when Avast acquired AVG for $1.3 billion. However, AVG still exists as a standalone brand, even though AVG Secure VPN and Avast SecureLine VPN are practically identical (they even share the same infrastructure).
What’s highly worrying about Avast is an event that happened in 2020. That’s when it was discovered that Avast used to collect private information from millions of its users. That data was later sold through 'Jumpshot,' a subsidiary of Avast. As per the reports published by PCMag and Motherboard, Avast collected information related to Web browsing activities, GPS coordinates, points on Google Maps, LinkedIn profile visits, porn website visits, and more.
And finally, you’ve probably noticed that this segment’s heading mentions 'NortonLifeLock.' Well, that’s because Avast was acquired by NortonLifeLock (for $8.6 billion), which was previously known as Symantec (known for its range of Norton antivirus applications). With that said, all Avast’s VPN products became NortonLifeLock/Symantec-owned brands (which is a US-based company, while Avast will continue to operate from the Czech Republic).
Key Takeaways:
Innovative Connecting is "an Internet start-up whose focus is on network tools development and promotion." For a company that claims to have 5 million users in 130+ countries, we have to say that their website looks somewhat bleak, missing to showcase critical legal documents.
Innovative Connecting has always been a secretive company, with numerous online reports trying to pinpoint its true owners. However, when it comes to its VPN products, the Play Store listing for Innovative Connecting leads us to two VPNs: VPN Monster and Turbo VPN. As is the case with many similar companies, they also used to offer a maintenance app called Turbo Phone Cache Cleaner.
Now, let’s return to Innovative Connecting’s website. You won’t find VPN Monster and Turbo VPN mentioned there. However, the website (last updated in 2018, as it seems) showcases an app called VPN Proxy Master, which even has its own website. After checking that website, we saw that a company called Lemon Clove is specified.
Upon checking the Play Store listing for Lemon Clove, we identified an additional couple of VPNs, called VPN Proxy Master – Safer VPN and Secure VPN Proxy Master Lite. Almost everything related to those two VPNs is identical to the apps offered by Innovative Connecting, making us 100% sure that the same team is behind all four of those apps.
Next, we saw that certain online reports mention Turbo VPN as the premium VPN offered by Innovative Connecting. However, the Play Store listing for Turbo VPN (which is no longer available) says that its owner is a company called Autumn Breeze. Of course, we tried looking up Autumn Breeze’s website, which is somewhat hard to find, even when using Google. However, what we saw looked close to identical to the two previously mentioned companies.
Unlike its sibling companies, Autumn Breeze offers more than a couple of VPN services. At one point, products made by this company were Signal Secure VPN (previously known as VPN Robot), Turbo VPN, SuperNet VPN, Snap VPN, and HOT VPN. Therefore, five VPN apps in total.
All of the previously mentioned VPNs come free of charge. However, many offered in-app purchases, allowing you to become a paid subscriber. As per SensorTower’s estimates, Turbo VPN had 4 million downloads last month. Lemon Clove’s VPN Proxy Master was downloaded 3 million times during the previous month.
As mentioned before, Innovative Connecting claims to be based in Singapore. That might be the case, but deeper research revealed a possible connection to China. For example, the majority of the company’s employees come from China, even though they claim to be based in Singapore at the moment. There are some online reports that Innovative Connection was founded and run by Chinese citizens, but we couldn't confirm that.
In the end, we managed to verify that Innovative Connecting owns the following VPNs: VPN Monster, Turbo VPN, VPN Proxy Master, Signal Secure VPN, Turbo VPN, SuperNet VPN, Snap VPN, and HOT VPN. Some of those have regular and “lite” versions offered separately. With that said, more than 10 VPN apps that have millions of users around the world come from this company.
This leads us to those VPNs’ privacy policies, essentially the same for all the previously listed apps. They claim that specific diagnostic data is collected alongside certain types of information that include general (daily) timestamps, VPN locations used, and your country/ISP of origin. Also, the VPNs connect the total sum of data transferred, speed test data, and crash reports. What’s important to mention is that Innovative Connecting claims not to collect personally identifiable data.
Of course, asking you to trust Innovative Connecting would be impossible. This company has a secretive background, offering barebones websites without the most essential legal documents. And yes, it has millions of users willing to provide all their data for an opportunity to use a free VPN, which seems like an incredibly high price to pay.
Key Takeaways:
SuperSoftTech is a true example of how even a seemingly small app developer can get access to the data of millions of individuals. As you're about to find out, this will be a cautionary story about the importance of not trusting any app out there, let alone a VPN app.
If we check SuperSoftTech’s Play Store listing, we'll see that two VPNs are listed there: SuperVPN Free VPN Client and SuperVPN Pro. The ‘Free’ version has 100,000,000+ downloads on the Play Store, while the ‘Pro’ version has “only” 10,000,000 downloads. We’ll also see that both apps come from ‘SuperSoftTech,’ which is reportedly based in Singapore.
So, you probably wonder what’s alarming about this app developer. Well, many things. First of all, SuperSoftTech doesn't have an official website. It has a registered domain but redirects to the VPN's Play Store listing. Then, SuperVPN Pro redirects to a very short privacy policy (written by a non-native English speaker) that fails to explain what happens to your personal data.
Previously, another VPN was listed as SuperSoftTech’s product, called LinkVPN. However, that app is now owned by FuryWeb Tech (and has 1,000,000+ downloads), located in Hong Kong. Interestingly, LinkVPN has an identical privacy policy as the SuperVPN-branded apps, indicating that all three apps have the same creator.
This is where we’d like to introduce you to Jinrong Zheng, who is rumored to be behind SuperSoftTech and FuryWeb Tech. Zheng might reside in Singapore or Hong Kong, but it looks like he’s a Chinese citizen. Of course, finding any concrete information online is impossible, which applies not only to Zheng but also to pretty much anything related to SuperVPN apps and LinkVPN. That kind of secrecy is a major red flag in the world of VPNs.
Now, here’s another alarming fact about SuperVPN. Back in 2016, a research paper from a group of respected cyber-sec analysts noted that SuperVPN is among the most problematic Android apps out there, requiring a broad scope of user permissions.
It took years for Google to notice this app and delist it from the Play Store, which happened in 2020. However, we can see that SuperVPN apps are once again available and more popular than ever before.
Key Takeaways:
So far, we have talked about corporations and smaller app development companies whose combined market share of today’s VPN industry is substantial. However, you’ll find many indie developers trying some of the abovementioned techniques, like producing several VPN apps that target different demographics.
That said, we've done an in-depth search through Apple's App Store and Google's Play Store for developers with more than one VPN app. We've often discovered free-of-charge VPNs with vague privacy policies and overly aggressive marketing messages.
So, to help you navigate your way through today’s highly complex VPN world, we’ve created the following table, showing indie developers with more than a single VPN app, often reaching millions of users by promising to protect their data for free.
Are all of the VPNs found above dangerous? Well, that’s hard to tell. This article aims to show you the importance of picking a trustworthy VPN. That’s done by taking a close look “behind the scenes,” which is why proper research is imperative. Generally speaking, if a developer offers several apps with practically identical visual design and the same privacy policy, that's a major red flag, more often than not.
Not knowing who owns your VPN is problematic on several different levels. The VPN you use processes a lot of your sensitive information, so it's your obligation to know who can see that data. Not knowing that puts you at risk of data sharing with government and third parties, unauthorized logging, and surveillance. Here's more information:
The goal of this report wasn’t to dissuade you from using a VPN to protect your online privacy. Our goal is to inform you about the current state of the VPN industry, helping you make a well-informed decision about who you can trust. As you know now, most VPNs have complex legal backgrounds, so not knowing who owns them exposes you to numerous malicious practices, such as data logging, surveillance, digital tracking, malware, and more.
That said, our team highly recommends using a VPN, especially in today's digital world where data logging is prevalent. That said, you’ll want to check our list of the best VPNs right now, where you'll find a long list of high-end VPNs that care about your privacy. More importantly, those VPNs come from safe jurisdictions, have a proven track record of not logging data, and feature solid tools to keep you safe and sound online.
If you have any questions, use the comments section below. The same applies if you want to share your thoughts. And lastly, thank you for reading!