“SuperVPN” is a Security and Privacy Risk for 100 Million Android Users

Written by Bill Toulas
Last updated August 3, 2021

The “SuperVPN” is one of the most popular free VPN tools for the Android platform, counting over 100 million installations on the Google Play store alone. As reported by VPNPro’s Jan Youngren however, this application is very dangerous and everyone should stop relying on it for anonymous internet browsing. The reason for this warning is that the app was found to be ridden with critical security and privacy flaws, allowing man-in-the-middle attacks which can intercept communications and expose the user’s browsing activity in full detail. As the researcher characteristically writes, people would be better off using no VPN at all, than SuperVPN.

vpn process

Source: VPNPro Blog

Because of the lack of strong encryption in the communications between the server and the client, an attacker can very easily spoof the server and receive all of the users’ browsing data on their machine for analysis. Since the communication is based on the HTTP protocol, nothing is encrypted, so users could potentially lose their private text messages, passwords, photos, videos, and anything else they share with others, download, or just access online. Since the developer of “SuperVPN” resides in Beijing, China, these security gaps could very well be planted intentionally, or they may just be the product of extreme negligence.

Whatever the case, the public has been warned about the risks of using SuperVPN again in the past, when a 2016 university paper placed it on the top of the most untrustworthy free VPN tools for Android. Back then, SuperVPN only had 10000 installations, so its userbase exploded in the following years. As VPNPro underlines today, SuperVPN may be the worst, but it’s not the only dangerous to use "free VPN app for Android". Based on their latest findings, people should also avoid the following tools, as they too are vulnerable to MITM hacks:

In addition to the above, there’s also a batch that has been removed from the Google Play Store recently, so many people may still rely on these apps for their online strolls. These are:

As you can deduce from reading the entries on both lists from above, the names of these apps are quite descriptive, as they are looking to lure people with specific promises. In many cases, this works out very well for their developers. SuperVPN managed to create a humongous userbase of 100 million people in spite of the fact that multiple reports were warning the public against using it. If you want to take our advice on the matter, simply grab one of these seven trustworthy VPN tools for Android, and enjoy truly anonymous and safe internet browsing.

For a better user experience we recommend using a more modern browser. We support the latest version of the following browsers: For a better user experience we recommend using the latest version of the following browsers: