“SuperVPN” is a Security and Privacy Risk for 100 Million Android Users
Last updated August 3, 2021
- SuperVPN has placed over 100 million people at risk of falling victims to MITM actors, yet it’s still available on the Play Store.
- Users have been complaining about its ad-based intrusive approach, paying no regard to its lack of encryption in communications.
- The developer of the app is in China, so the lack of security could be a case of intention rather than negligence.
The “SuperVPN” is one of the most popular free VPN tools for the Android platform, counting over 100 million installations on the Google Play store alone. As reported by VPNPro’s Jan Youngren however, this application is very dangerous and everyone should stop relying on it for anonymous internet browsing. The reason for this warning is that the app was found to be ridden with critical security and privacy flaws, allowing man-in-the-middle attacks which can intercept communications and expose the user’s browsing activity in full detail. As the researcher characteristically writes, people would be better off using no VPN at all, than SuperVPN.
Source: VPNPro Blog
Because of the lack of strong encryption in the communications between the server and the client, an attacker can very easily spoof the server and receive all of the users’ browsing data on their machine for analysis. Since the communication is based on the HTTP protocol, nothing is encrypted, so users could potentially lose their private text messages, passwords, photos, videos, and anything else they share with others, download, or just access online. Since the developer of “SuperVPN” resides in Beijing, China, these security gaps could very well be planted intentionally, or they may just be the product of extreme negligence.
Whatever the case, the public has been warned about the risks of using SuperVPN again in the past, when a 2016 university paper placed it on the top of the most untrustworthy free VPN tools for Android. Back then, SuperVPN only had 10000 installations, so its userbase exploded in the following years. As VPNPro underlines today, SuperVPN may be the worst, but it’s not the only dangerous to use "free VPN app for Android". Based on their latest findings, people should also avoid the following tools, as they too are vulnerable to MITM hacks:
- TapVPN Free VPN – 10 million installations
- Best Ultimate VPN – Fastest Secure Unlimited VPN – 5 million installations
- Korean VPN – Plugin for OpenVPN – 1 million installations
- VPN Unblocker Free Unlimited Best Anonymous Secure – 1 million installations
- Super VPN 2019 USA – Free VPN, Unblock Proxy VPN – 50000 installations
In addition to the above, there’s also a batch that has been removed from the Google Play Store recently, so many people may still rely on these apps for their online strolls. These are:
- Wuma VPN-PRO (Fast & Unlimited & Security)
- VPN Download: Top, Quick & Unblock Sites
- Secure VPN-Fast VPN Free & Unlimited VPN
- Power VPN Free VPN
As you can deduce from reading the entries on both lists from above, the names of these apps are quite descriptive, as they are looking to lure people with specific promises. In many cases, this works out very well for their developers. SuperVPN managed to create a humongous userbase of 100 million people in spite of the fact that multiple reports were warning the public against using it. If you want to take our advice on the matter, simply grab one of these seven trustworthy VPN tools for Android, and enjoy truly anonymous and safe internet browsing.
Related
Most Popular
Most Popular