Larimer County Genealogical Society

Warning: Free VPN Apps Turned Android Phones Into Malware-Loaded Proxies

Here is an article that is not about any of the “normal” topics of this newsletter: genealogy, history, current affairs, DNA, and related topics. However, it is a topic that I suggest that all computer users should be familiar with:

I will suggest that everyone should use a VPN (Virtual Private Network) for security and privacy purposes. I could write a book about why you want a VPN but that’s already been done by someone else. There is a very good online article titled “Why use a VPN? – Reasons why you need a VPN” by River Hart available at: https://proprivacy.com/vpn/guides/why-use-vpn.

If you don’t yet have a VPN or perhaps you wonder why you need one, I suggest you read that article.

There are dozens of VPNs (and DPNs) to choose from, including many free ones. I suggest you avoid the free ones (with one exception: Proton VPN) as many of the other free VPNs are filled with malware and spyware.

A malicious software development kit was recently discovered to be used by over 15 free VPN apps on Google Play alone, converting Android devices into unintentional residential proxies that were probably used for cybercrime and shopping bots. I am sure there are more malware and and spyware filled VPNs on other web sites that are advertised as being “free” but really are designed for nefarious purposes.

Although there are legal applications for VPNs and DPNs, such as SEO, ad verification, and market research, many cybercriminals use the so-called “free VPNs” to mask their illicit operations, such as phishing, ad fraud, spamming, credential stuffing, and password spraying.

Again, avoid the so-called “free VPNs” (with one exception: Proton VPN and even that one free VPN has some drawbacks, such as reduced speeds and limited “remote nodes” compared to the commercial product from the same organization).

I have experimented with paid VPNs over the years and have gained some experience. Right now, I am using a so-called DPN (or DVPN), a Distributed Private Network or Distributed Virtual Private Network that requires an upfront payment for some hardware but is then free forever after that. I probably will write about my successes (or failures) with that in an article in this newsletter in the near future. 

Hint: Preliminary results from using this DPN for a couple of weeks have all been positive.