investigations

Free VPN Investigations Update (August 2019)

This update to our Free VPN Ownership Investigation and Risk Index shows that three quarters of all the apps featured are still potentially unsafe. We shared this with Google and Apple but they ignored it.

Free VPN Investigation Update July 2019 Header
Simon Migliano
By Simon Migliano

Key Findings

  • Apple and Google are allowing numerous extremely popular but potentially unsafe free VPN apps to remain in their app stores.
  • The companies have ignored formal advice regarding the apps that continue to pose a privacy risk after previously being identified in two widely-reported VPN investigations.
  • We are making public in this report the substance of that advice to help free VPN users avoid compromising their privacy.
  • 77% of apps identified as potentially unsafe in our VPN Ownership Investigation still pose a risk.
    • That report revealed nearly 60% of popular free VPN apps were secretly Chinese-owned and that nearly 90% had serious privacy flaws.
    • Downloads: over 210 million total (Play); 3.8 million per month (App Store)
  • 74% of apps identified as potentially unsafe in our Free VPN Risk Index still pose a risk.
    • That report showed 85% of 150 Android apps tested to have unsafe permissions or functions; and that
    • 25% exposed users via DNS, WebRTC or IP leaks.
    • Downloads: 518 million installs from Play – up from 260 million in six months.
  • 80% of the top free VPNs in the App Store are also in breach of Apple’s data sharing ban, our analysis shows.

Introduction

Demand for free VPNs – already huge – is accelerating at breakneck pace, driven by increasingly-frequent internet shutdowns and surveillance around the world.

Incredibly, as many free VPNs have been downloaded (from official sources) since the start of 2019 as had been downloaded in total up to that point, our research shows.

I published two free VPN investigations at the turn of the year to investigate this growing phenomenon.

I made highly disturbing discoveries about both the nature of the companies profiting from this surge in demand and the quality of the service they are providing.

Several months after my reports were published, neither Google nor Apple had acknowledged my widely-reported findings.

In the hope of prompting them into action, we emailed the two companies detailed updates on our findings. This advice showed them exactly which apps from each investigation in their respective app stores still posed a risk to consumers and formally requested action to reduce that risk.

We advised them that:

We wanted to make it as easy as possible for Apple and Google to fix the problem, so our written notices included:

  • Detailed lists of the potentially unsafe apps
  • Links to the relevant parts of our research
  • Links to the relevant listings on the app stores
  • Recommendations of what steps to take to improve the situation
  • An offer to share our knowledge of reviewing VPN services to help set appropiate minimum standards

Google and Apple simply ignored our warnings.

This report makes public the current situation with free VPN apps in the App Store and Play.

Our goal is two-fold:

  1. to help the public avoid risking their privacy
  2. to put more pressure on Apple and Google to act.

The main body of this report has four chapters that follow this Introduction:

  1. Ownership Investigation: summary of updated and original findings
  2. Ownership Investigation: current status of individual apps
  3. Risk Index: summary of updated and original findings
  4. Risk Index: current status of individual apps

VPN Ownership Investigation: Summary

Our Free VPN Ownership study, published late last year, investigated the companies behind the most popular free VPN apps in Apple’s App Store and Google Play.

We examined the 30 apps making up the top 20 search results for “VPN” across the two app stores.

We dug deep into the ownership of the companies operating these services, assessed their privacy policies and tested their customer support.

Our key findings made for discomforting reading:

  • 59% of apps had hidden Chinese ownership, despite the strict VPN ban in China and that nation’s notoriety for censorship and internet restrictions
  • 86% of apps had privacy policy flaws, including
    • no policy at all
    • generic policies with no mention of VPN
    • no detailed logging policy
    • data sharing with third parties
  • 64% of apps had no dedicated website, making it difficult to find corporate information about the service provider

In our review of those findings, we looked at whether flagged apps are still available to download and whether they had updated their policies or increased their transparency.

The results of that review are:

  • 77% of apps flagged as potentially unsafe when the study was first published continue to pose a privacy risk and yet remain available for download
  • The potentially unsafe apps represent 67% of all those originally investigated
  • The affected apps have continued to increase in popularity since we published our findings
    • Google Play downloads of apps we flagged as potentially unsafe have soared to 214 million in total, rocketing by 85% in six months
    • Monthly installs from the App Store held steady at around 3.8 million, which represents a relative increase as this total was generated by 20% fewer apps than at the start of the year as a number of apps are no longer available

Why does this matter?

China is inarguably the enemy of internet freedom. Long notorious for maintaining its Great Firewall domestically, it is now exporting its concept of digital sovereignty that is founded on a highly-censored and surveilled internet.

VPN use is now strictly banned in China, so it’s highly unlikely that Chinese-run services are operating without the tacit approval of the Chinese government. And that, in turn, begs the question of “what’s in it for China?”

The answer is simple: potential access to the massive amounts of browsing data flowing through VPN networks.

VPN services give China access to huge amounts of foreign intelligence

Just as the harsh glare of suspicion is falling on Huawei’s ties with the Chinese state, similar scrutiny should be applied to VPN services.

It’s unacceptable that Google and Apple are keeping their heads buried in the sand rather than weeding out any VPN operators that don’t meet strict standards for integrity.

VPN Ownership: Apps 1-10

App VPN Proxy Master TurboVPN Snap VPN X-VPN VPN 360 VPN – Super Unlimited Free VPN Secure VPN VPN – Master Proxy HotspotVPN
Developer ALL Connected Co Innovative Connecting Lemon Clove Free Connected TouchVPN Mobile Jump FREE VPN LLC HotSpot VPN Sapling Growth Tech Co HotSpot VPN
iOS Installs* 800K 600K N/A 500K 400K 800K 200K N/A 60K 70K
Android Installs** 5M 50M 10M 10M 1M N/A 1M 5M N/A 1M
Ownership Chinese Chinese Chinese Chinese Chinese Chinese American Chinese Chinese Chinese
Availability Still Available Still Available Still Available Still Available Still Available Still Available Still Available Still Available Still Available Still Available
Recent Changes None None Dev Name None Dev Name None None None App Name None
Risk Status Still Risky Still Risky Still Risky Still Risky Still Risky Still Risky Still Risky Still Risky Still Risky Still Risky

* iOS installs are per month. ** Android installs are total from Google Play only.

VPN Ownership: Apps 11-20

App SkyVPN VPN Patron VPN for iPhone YogaVPN VPN Guru Hola Hotspot Shield Betternet TouchVPN Shield VPN
Developer Sentry Secure IST MEDIA Brain Craft LANPIPER PTE LTD Chi Zhang Hola AnchorFree Inc. AnchorFree Inc. TouchVPN Inc. Wuxi Jiubang
iOS Installs* 100K N/A 70K 60K N/A 70K 800K 700K 70K N/A
Android Installs** 5M N/A N/A 5M N/A 50M 50M 50M 10M N/A
Ownership Chinese Chinese Bangladeshi Chinese Chinese Israeli American American American Chinese
Availability Still Available Not Available Still Available Still Available Not Available Still Available Still Available Still Available Still Available Not Available
Recent Changes None None None Dev Name None None None None None None
Risk Status Low Risk N/A Caution Still Risky N/A Still Risky Low Risk Low Risk Low Risk N/A

* iOS installs are per month. ** Android installs are total from Google Play only.

VPN Ownership: Apps 21-30

App VṖN Victory VPN Storm VPN SuperVPN Free VPN VPN Private Thunder VPN Melon VPN Super VPN #VPN Psiphon
Developer Ever Fun Apps VPN Tech FengJie Yao SuperSoftTech VPN Private Signal Lab Inf Security Studio SuperVPN Inc Apalon Apps Psiphon Inc
iOS Installs* 50K 10K N/A N/A N/A N/A N/A N/A 80K 100K
Android Installs** N/A N/A N/A 50M N/A 10M 1M 10M N/A 10M
Ownership Chinese Chinese Unconfirmed Chinese Ukrainian HK Chinese Unconfirmed Chinese American Canadian
Availability Still Available Still Available Not Available Still Available Not Available Still Available Still Available Still Available Still Available Still Available
Recent Changes App Name Dev Name N/A None N/A None App & Dev Name None None None
Risk Status Still Risky Still Risky N/A Still Risky N/A Still Risky Still Risky Still Risky Low Risk Low Risk

* iOS installs are per month. ** Android installs are total from Google Play only.

Free VPN Risk Index: Summary

The Free VPN Risk Index (Android Apps), published in February, tested the 150 most-downloaded free VPN apps in Google Play for privacy and performance issues.

To create the Index, we tested for and analyzed:

  • DNS, WebRTC and IP leaks
  • Intrusive Android app permissions
  • Risky functions in the apps’ source code
  • Viruses and malware
  • Network performance
  • Encryption

Our results cast a significant shadow over the entire free VPN app category in Google Play. Our key findings included:

  • 25% of apps tested positive for DNS leaks
  • 85% requested intrusive permissions OR contained functions with potential for privacy abuses
    • 67% requested intrusive permissions, such as location tracking or access to personal info
    • 63% featured functions with the potential for privacy abuses not expected from a VPN app
  • 18% of apps tested positive for potential viruses or malware
  • 38% of apps displayed at least one “major abnormality” in network tests

In our review of the findings, published for the first time in this report, we looked at whether flagged apps still posed a risk.

We re-ran our battery of tests that included network traffic analysis, virus and malware scans, a review of current permissions, and a scan of the code for potentially unsafe functions.

The results of that review were:

  • 74% of the 150 apps included in the Risk Index, or 111 apps in total, continue to pose a risk to consumers due to persistent security flaws
  • The natural attrition rate of apps since that time has been 13% with 20 apps no longer available
  • The proportion of apps still available to download from Google Play that are also potentially unsafe is as high as 85%, ie 111 of 130 apps
  • 54% of the original 150 apps continue to feature intrusive permissions, which is 63% of the 130 apps still in the Play store
  • 53% of the full list continues to feature potentially unsafe functions, which is 61% of those still available to download. Unsafe functions that persist in the apps’ code include:
    • Camera;->open – used to open the device’s camera
    • LocationManager;->getLastKnownLocation – used to track users’ last location
    • TelephonyManager;->getDeviceId – used to get device info like IMEI or phone number
  • Potential viruses or malware were detected in 21% of the full list, actually an increase of three percentage points since February and nearly a quarter (24%) of those still available to download from Play
  • One positive development – potentially prompted by our scrutiny of the category – is a significant drop in DNS and other leaks, such as WebRTC and IP leaks.
    • 70% of apps flagged as leaky (28 apps) plugged those leaks
    • 7% of the full 150 apps currently leak, or 8% of those still available.
  • 10% of apps made positive improvements to make themselves safer for their users, although most didn’t go far enough to lose their red flags completely
  • We discovered 10% of apps are now even riskier than before due to the introduction of unsafe permissions and functions, or where scans detected new instances of malware or viruses
  • The potentially unsafe apps in the Risk Index have absolutely skyrocketed in popularity since we first published our findings, more than doubling from 260 million for the entire Risk Index in February to 518 million for the risky apps alone – all in less than six months.

Why Does This Matter?

The explosion in demand for VPN services is attracting those looking to profiteer from the spreading incursions on internet freedom.

The apps themselves are infested with intrusive advertising while the wealth of browsing data flowing through the VPN networks is a lucrative source of revenue for those willing to sell it onto marketers.

What’s most disturbing is that this profiteering is actually the lesser of the risks our tests have uncovered.

Truly malicious actors could easily abuse their access to this data to commit identity theft and fraud. There’s also the risk posed by the disturbingly high malware detection stat.

Google is simply ignoring significant privacy risks for over a half billion users of free VPN Android apps worldwide

So what should Google do?

  1. Acknowledge VPN apps to be more sensitive than other types of app
  2. Ban the use of intrusive permissions and privacy-unfriendly functions
  3. Require devs to demonstrate that their apps neither leak nor contain malware

Until this happens however, the free VPN category on Google Play will remain a privacy and security minefield for unsuspecting users, who are often desperate to circumvent repressive censorship measures in their home countries.

Free VPN Risk Index: Apps 1-10

App Betternet Hola Hotspot Shield Free SuperVPN TurboVPN VPN Master AnonyTun EasyOvpn Hi VPN Hotspot Shield Basic
Developer AnchorFree, Inc. Hola AnchorFree, Inc. SuperSoftTech Innovative Connecting Innovative Connecting Art Of Tunnel Easy4ULtd. Hi Security AnchorFree, Inc.
Installs 50M 50M 50M 50M 50M 50M 10M 10M 10M 10M
Availability Still Available Still Available Still Available Still Available Still Available Still Available Still Available Still Available Still Available Still Available
DNS Leaks No leaks WebRTC leak No leaks Leak fixed Leak fixed Leak fixed No leaks No leaks Leak fixed No leaks
Intrusive Permissions Detected Detected Detected Detected Not Detected Not Detected Detected New Detected Detected New Detected
Unsafe Functions Not Detected Detected Detected Detected Detected Detected Detected Detected Not Detected Not Detected
Virus/Malware Not Detected Not Detected Not Detected Not Detected New Detected Not Detected Not Detected Not Detected Not Detected Not Detected
Risk Status Still Risky Still Risky Still Risky[1] Still Risky (Decreased) Still Risky (Increased) Still Risky (Decreased) Still Risky Still Risky (Increased) Still Risky (Decreased) Still Risky (Increased)

[1] AnchorFree provided us with a detailed explanation of the elements detected, which are used to serve targeted ads.

Free VPN Risk Index: Apps 11-20

App Proxy Master Psiphon Secure VPN Snap VPN SpeedVPN Super VPN TapVPN Thunder VPN Touch VPN TunnelBear
Developer Hotspot VPN Psiphon Inc. Signal Lab Lemon Clove GoSpeed Software SuperVPN Inc Mobbo Signal Lab TouchVPN, Inc. TunnelBear
Installs 10M 10M 10M 10M 10M 10M 10M 10M 10M 10M
Availability Still Available Still Available Still Available Still Available Still Available Still Available Still Available Still Available Still Available Still Available
DNS Leaks No leaks No leaks Leak fixed Leak fixed No leaks No leaks No leaks Leak fixed No leaks No leaks
Intrusive Permissions New Detected New Detected Not Detected Not Detected Detected Detected Not Detected Not Detected Detected Not Detected
Unsafe Functions Detected Detected Not Detected Detected Detected Detected Detected Not Detected Not Detected Not Detected
Virus/Malware New Detected Not Detected Not Detected Not Detected Not Detected Not Detected Not Detected Not Detected Not Detected Not Detected
Risk Status Still Risky (Severe) Still Risky (Increased) [1] Low Risk (Decreased) Still Risky (Decreased) Still Risky Still Risky Still Risky (Decreased) Low Risk (Decreased) Still Risky Low Risk

[1] Psiphon provided us with a detailed explanation of the elements detected. While they do have legitimate purposes, the risk of abuse remains.

Free VPN Risk Index: Apps 21-30

App X-VPN Best Free VPN [1] SkyVPN Solo VPN Ultrasurf (beta) Unlimited Free VPN Monster VPNHub VPN Proxy Master VPN Robot
Developer Free Connected Ltd FlashSoftware VPN Master LLC [2] Sentry SkyVPN Security Team SoloVPN & NCleaner Ultrareach Autumn Breeze 2018 AppAtomic Ltd Innovative Connecting Lemon Clove
Installs 10M 5M 5M 5M 5M 5M 5M 5M 5M 5M
Availability Still Available Still Available Still Available Still Available Still Available Still Available Still Available Still Available Still Available Still Available
DNS Leaks No leaks No leaks No leaks No leaks No leaks No leaks No leaks No leaks No leaks Leak fixed
Intrusive Permissions New Detected New Detected Not Detected Detected Detected Not Detected Not Detected Not Detected Not Detected Not Detected
Unsafe Functions Detected Detected Not Detected Detected Detected Detected Not Detected Detected Detected Not Detected
Virus/Malware Not Detected Not Detected New Detected Not Detected Not Detected Detected Not Detected Not Detected Detected Not Detected
Risk Status Still Risky Still Risky (Increased) Still Risky (Severe) Still Risky Still Risky Still Risky Low Risk Still Risky Still Risky Low Risk (Decreased)

[1], [2] App and developer name were both formerly FREE VPN.

Free VPN Risk Index: Apps 31-40

App Yoga VPN Secure VPN Amaze VPN AppVPN Bestline VPN Bot Changer VPN Browsec VPN EagleVPN Easy VPN FinchVPN
Developer Sarah Hawken Hotspot VPN FreeVPN WCOMES TECHNOLOGIES Unlimited DT Security Studio Bot Changer, Inc. Browsec LLC Free Unlimited VPN Hotspot VPN Finch Technology Ent.
Installs 5M 5M 1M 1M 1M 1M 1M 1M 1M 1M
Availability Still Available Still Available Still Available Still Available Still Available Still Available Still Available Still Available Still Available Still Available
DNS Leaks Leak fixed Leak fixed Leak fixed No leaks No leaks No leaks No leaks No leaks Leak fixed No leaks
Intrusive Permissions New Detected Not Detected Detected Detected Detected Detected Not Detected Detected Detected Not Detected
Unsafe Functions Detected Not Detected Not Detected Detected Detected Not Detected New Detected Not Detected Detected Not Detected
Virus/Malware Not Detected New Detected Detected Detected Not Detected New Detected Not Detected Detected Detected Not Detected
Risk Status Still Risky (Increased) Still Risky (Increased) Still Risky (Decreased) Still Risky Still Risky Still Risky Still Risky Still Risky Still Risky (Severe) Low Risk

[1] Developer name was formerly Eagle VPN.

Free VPN Risk Index: Apps 41-50

App FishVPN Free and Unlimited VPN Free VPN Free VPN by FreeVPN.org Free VPN Master Free VPN – Unblock Proxy GeckoVPN GO VPN Proxy Master Hammer VPN Hexatech
Developer Connect Anywhere Gibli Mobile Super VPN & Free Proxy Free VPN LLC Freemaster2018 Super VPN & Free Proxy Best Free VPN Proxy VPNMaster Team TunnelGuru Betternet LLC
Installs 1M 1M 1M 1M 1M 1M 1M 1M 1M 1M
Availability Still Available Still Available Still Available Still Available Still Available Still Available Still Available Still Available Still Available Still Available
DNS Leaks Leak fixed No leaks Leak fixed No leaks No leaks Leak fixed Leak fixed No leaks No leaks No leaks
Intrusive Permissions Detected Not Detected Not Detected Detected Detected Detected Detected Detected Detected Not Detected
Unsafe Functions Detected Not Detected Not Detected Not Detected Not Detected Not Detected Detected Detected Detected Not Detected
Virus/Malware Not Detected Not Detected Not Detected Not Detected Not Detected Not Detected Not Detected Detected Detected Not Detected
Risk Status Still Risky (Decreased) Low Risk Low Risk (Decreased) Still Risky Now Risky Still Risky (Increased) Still Risky (Severe) Still Risky (Severe) Still Risky (Severe) Low Risk

Free VPN Risk Index: Apps 51-60

App Hotspot VPN Hotspot VPN HOT VPN India VPN Kaspersky VPN Link VPN MoonVPN MyMobileSecure OLOW VPN [1] OvpnSpider
Developer Hotspot VPN Hotspot VPN Autumn Breeze 2018 World Vpn Kaspersky Lab FuryWeb Tech MoonRun Tech VoiceFive, Inc. VPN Expert [2] WCOMES TECHNOLOGIES
Installs 1M 1M 1M 1M 1M 1M 1M 1M 1M 1M
Availability Still Available Still Available Still Available Still Available Still Available Still Available Still Available Still Available Still Available Still Available
DNS Leaks No leaks No leaks No leaks No leaks No leaks Leak fixed No leaks Leak fixed No leaks Leak fixed
Intrusive Permissions Detected Not Detected Not Detected Detected Detected Detected Detected Detected Detected Detected
Unsafe Functions Detected Not Detected Detected Not Detected Detected Detected Detected Not Detected Detected Detected
Virus/Malware Detected Detected Not Detected Detected Detected Not Detected Not Detected Not Detected Not Detected Detected
Risk Status Still Risky (Severe) Still Risky (Decreased) Still Risky (Decreased) Now Risky Still Risky (Increased) Still Risky Still Risky Still Risky (Severe) Still Risky Still Risky

[1], [2] App and developer name were formerly both OLO VPN.

Free VPN Risk Index: Apps 61-70

App Power VPN Rocket VPN Secure Web VPN SlowDNS Speedify Super Fast Hot VPN Super Turbo VPN [1] Surf VPN Troid VPN UAE FastVPN
Developer PowerVPN Liquidum Ltd Secure Web TunnelGuru Connectify Inc. Millionique Studio [2] Unlimited Freedom Apps XSoft inc TunnelGuru SuperApp Inc.
Installs 1M 1M 1M 1M 1M 1M 1M 1M 1M 1M
Availability Still Available Still Available Still Available Still Available Still Available Still Available Still Available Still Available Still Available Still Available
DNS Leaks No leaks Leak fixed No leaks No leaks No leaks IP, DNS, WebRTC leaks DNS leaks No leaks No leaks No leaks
Intrusive Permissions Detected Detected Detected Detected Detected Not Detected Detected Not Detected Detected Not Detected
Unsafe Functions Detected Detected Detected Detected Detected Not Detected Detected Detected Detected Not Detected
Virus/Malware Not Detected Not Detected Not Detected Detected Not Detected Not Detected Not Detected Not Detected Detected Not Detected
Risk Status Still Risky Still Risky Still Risky (Decreased) Still Risky (Severe) Still Risky Still Risky (Severe) Still Risky (Severe) Still Risky (Decreased) Still Risky (Severe) Low Risk

[1] Full app name is Super Turbo VPN Unblocker.

[2] Developer name was formerly InstaBerry.

Free VPN Risk Index: Apps 71-80

App Unseen Online USA VPN VPN 360 VPN 365 VPN Easy VPN Master Melon VPN [2] VPN Unblocker VPN Unlimited WhatsVPN
Developer FREE VPN – Unseen Online World Vpn TouchVPN Inc. [1] Better Proxy ZPN Vpn Master Inf Security Studio [3] Royal Partner Company Machelle Russaw [4] Unlimited DT Security Studio
Installs 1M 1M 1M 1M 1M 1M 1M 1M 1M 1M
Availability Still Available Still Available Still Available Still Available Still Available Still Available Still Available Still Available Still Available Still Available
DNS Leaks Leak fixed Leak fixed No leaks Leak fixed No leaks No leaks Leak fixed No leaks Leak fixed No leaks
Intrusive Permissions Not Detected Detected Not Detected Detected Detected Not Detected Detected Detected Detected Detected
Unsafe Functions Not Detected Detected Not Detected Not Detected Detected Not Detected Detected Not Detected Detected Detected
Virus/Malware Not Detected New Detected Not Detected Not Detected Detected Not Detected Not Detected Not Detected Not Detected Not Detected
Risk Status Low Risk (Decreased) Still Risky (Increased) Low Risk Still Risky (Decreased) Still Risky (Severe) Low Risk Still Risky (Decreased) Still Risky Still Risky (Increased) Still Risky

[1] Developer name was formerly was Infinity Software Co.

[2], [3] App name was formerly VPN Melon and its developer Free Vpn Proxy.

[4] Developer name was formerly Genius Recorder

Free VPN Risk Index: Apps 81-90

App Windscribe Wuma VPN-PRO Xiaoming VPN Zero VPN ZPN 21VPN ACT VPN Combo VPN Fast VPN FireVPN
Developer Windscribe 无码wuma vpn Xiaoming Addison TNTAPP ZPN alloc64 VPN 翻墙 iStark SuperApp Inc. FireVPN
Installs 1M 1M 1M 1M 1M 500K 500K 500K 500K 500K
Availability Still Available Still Available Still Available Still Available Still Available Still Available Still Available Still Available Still Available Still Available
DNS Leaks No leaks DNS leaks DNS leaks No leaks No leaks No leaks DNS leaks No leaks No leaks No leaks
Intrusive Permissions Detected Detected New Detected Detected Not Detected New Detected Detected Not Detected Not Detected Not Detected
Unsafe Functions Detected Not Detected Not Detected Not Detected Not Detected Detected Detected Detected Not Detected Not Detected
Virus/Malware Not Detected New Detected New Detected Detected Not Detected Not Detected New Detected Not Detected Not Detected Not Detected
Risk Status Low Risk Still Risky (Severe) Still Risky (Severe) Still Risky Low Risk Still Risky (Increased) Still Risky (Severe) Still Risky Low Risk Low Risk

Free VPN Risk Index: Apps 91-100

App Flash VPN Gulf Secure VPN Hideman Free VPN InvinciBull VPN MaxVPN VPN Fast Connect [1] Stark VPN Star VPN Totally Free VPN DOG VPN
Developer Joymore Apps Gulf Secure VPN ETsoft (was Hideman Ltd) Finjan Mobile, Inc LVVMobile ATH Software iStark Star VPN Rejinderi Huago Data Security Center
Installs 500K 500K 500K 500K 500K 500K 500K 500K 500K 500K
Availability Still Available Still Available Still Available Still Available Still Available Still Available Still Available Still Available Still Available Still Available
DNS Leaks Leak fixed No leaks No leaks No leaks No leaks No leaks Leak fixed No leaks No leaks DNS leaks
Intrusive Permissions Detected New Detected Not Detected New Detected Not Detected Detected Detected Detected Not Detected Detected
Unsafe Functions Not Detected Not Detected Detected Detected Detected Not Detected Not Detected Not Detected Not Detected Not Detected
Virus/Malware Detected Not Detected Not Detected Not Detected Not Detected Not Detected Not Detected Not Detected Not Detected Not Detected
Risk Status Still Risky (Severe) Still Risky (Increased) Still Risky (Decreased) Still Risky (Increased) Still Risky Still Risky Still Risky (Decreased) Still Risky Low Risk Still Risky (Severe)

[1] App name was formerly “Free VPN and Fast Connect – OpenVPN for Android”

Free VPN Risk Index: Apps 101-110

App VPN Express VPN Lighter VPN Tube 5G VPN Easy VPN FalcoVPN Free Proxy Master GetBehind.me Hello VPN Hi VPN Pro
Developer FIFA VPN Sarah Hawken ITehno Viktor Vorobei SP mscmdh2 ATH Software Infoweise VeePN [1] Siteflex LLC appmobyu Hi Security
Installs 500K 500K 500K 100K 100K 100K 100K 100K 100K 100K
Availability Still Available Still Available Still Available Still Available Still Available Still Available Still Available Still Available No Longer Available Still Available
DNS Leaks No leaks Leak fixed No leaks No leaks No leaks No leaks No leaks No leaks No leaks No leaks
Intrusive Permissions New Detected Detected Not Detected Not Detected Not Detected Detected New Detected Not Detected Detected New Detected
Unsafe Functions Detected Detected Detected Detected Detected Not Detected Detected Not Detected Not Detected Detected
Virus/Malware Not Detected Not Detected Not Detected Not Detected Not Detected Not Detected Not Detected Not Detected Detected Not Detected
Risk Status Still Risky (Increased) Still Risky Still Risky Still Risky Still Risky Still Risky Still Risky (Severe) Low Risk N/A Still Risky (Severe)

[1] Developer name was formerly was DevProm

Free VPN Risk Index: Apps 111-120

App Hotspot VPN Hoxx VPN JoyVPN Leafy VPN Reindeer VPN Robo VPN Free Hot VPN SaferVPN SetupVPN Smart VPN
Developer Aresmob Studio HOXX VPN Emanuil Hristov Nacl LLC Tetrastar Technology Rosislav Oresharov Instakeet Safer Social SetupVPN Hotspot VPN (was Brainlab)
Installs 100K 100K 100K 100K 100K 100K 100K 100K 100K 100K
Availability Still Available Still Available Still Available Still Available Still Available Still Available Still Available Still Available Still Available Still Available
DNS Leaks No leaks No leaks Tests Fail DNS leaks No leaks Tests Fail Tests Fail No leaks No leaks No leaks
Intrusive Permissions Not Detected Not Detected Detected Not Detected Detected Detected Detected Not Detected Not Detected Not Detected
Unsafe Functions Not Detected Detected Detected Detected Detected Detected Detected Detected Detected Detected
Virus/Malware New Detected Not Detected Detected Not Detected Not Detected Not Detected Not Detected Not Detected Not Detected Not Detected
Risk Status Still Risky (Severe) Still Risky (Decreased) Still Risky (Severe) Still Risky (Severe) Still Risky Still Risky Still Risky Still Risky (Severe) Still Risky Still Risky

Free VPN Risk Index: Apps 121-130

App Squid VPN Super Hot Best VPN [1] Super VPN Hotspot Super VPN VPN Gate List VPN Master VPN Sky Webzilla Free Unlimited VPN Free VPN
Developer Professional VPN MaazAppsMentor AppsHub Droid Tech Insta Lab Rejinderi apps quality creator (was Abso Green) Aresmob Studio Webzilla Apps Inc khasologix Emoji Studio
Installs 100K 100K 100K 100K 100K 100K* 100K 100K 50K 50K
Availability Still Available Still Available Still Available Still Available Still Available No Longer Available Still Available Still Available Still Available Still Available
DNS Leaks No leaks No leaks No leaks No leaks No leaks No leaks No leaks No leaks No leaks No leaks
Intrusive Permissions Detected Detected Not Detected Detected Detected Not Detected Not Detected Detected Not Detected Not Detected
Unsafe Functions Detected Detected Not Detected Not Detected Not Detected Detected Not Detected Detected Detected Detected
Virus/Malware Not Detected Not Detected Not Detected Not Detected Not Detected Not Detected Detected Not Detected Not Detected Not Detected
Risk Status Still Risky (Severe) Still Risky Still Risky Still Risky Low Risk Still Risky Still Risky (Severe) Still Risky (Severe) Still Risky Still Risky

[1] App name was formerly Super VPN 2018
* Last recorded total app installs before removal from Google Play.

Free VPN Risk Index: Apps 131-140

App MeteorVPN SuperVPN 2018 VPN Proxy Pro 2017 VPN Private VPN super free VPN Unblock Bokep Sites Atom VPN HotVPN AIR VPN Cloud VPN
Developer Rosislav Oresharov Aresmob Studio Apps Island VPN Private SHSApps Vpn Internet Atomvpn.com HOTVPN Team free vpn proxy CM Team
Installs 50K 50K 50K 10M* 1M* 1M* 500K* 500K* 100K* 100K*
Availability Available to Download Available to Download Available to Download No Longer Available No Longer Available No Longer Available No Longer Available No Longer Available No Longer Available No Longer Available
DNS Leaks No leaks No leaks No leaks DNS leaks DNS leaks No leaks No leaks No leaks No leaks DNS leaks
Intrusive Permissions Detected Not Detected Not Detected Not Detected Detected Not Detected Detected Detected Not Detected Detected
Unsafe Functions Detected Not Detected Detected Not Detected Detected Detected Detected Not Detected Detected Not Detected
Virus/Malware Not Detected Detected Not Detected Not Detected Detected Not Detected Not Detected Not Detected Not Detected Detected
Risk Status Still Risky Still Risky (Severe) Still Risky NA NA NA NA NA NA NA

* Last recorded total app installs before removal from Google Play.

Free VPN Risk Index: Apps 141-150

App FastVPN Freedom VPN Super Power VPN VPN Free Super Speed VPN Secure Touch Master VPN Master – USA Ghost Free VPN Panda Free VPN Supper VPN Proxy unlimited free easy vpn
Developer visual communication Hallow Smart HOTVPN Team ns studio Izzidroids Free Vpn Proxy BerryDevelopers Plex Inc. Abc Studio Apps Trend Setter
Installs 100K* 100K* 100K* 100K* 100K* 100K* 50K* 50K* 50K* 50K*
Availability No Longer Available No Longer Available No Longer Available No Longer Available No Longer Available No Longer Available No Longer Available No Longer Available No Longer Available No Longer Available
DNS Leaks Tests Fail (Fake App) No leaks No leaks Tests Fail No leaks No leaks No leaks No leaks IP, DNS, WebRTC leaks No leaks
Intrusive Permissions Detected Detected Not Detected Not Detected Not Detected Detected Not Detected Not Detected Detected Not Detected
Unsafe Functions Detected Not Detected Detected Detected Detected Not Detected Detected Detected Detected Detected
Virus/Malware Not Detected Detected Not Detected Not Detected Not Detected Not Detected Not Detected Not Detected Not Detected Not Detected
Risk Status NA NA NA NA NA NA NA NA NA NA

* Last recorded total app installs before removal from Google Play.

Methodology

Full methodologies for the original research can be viewed on their respective reports: VPN Ownership and Risk Index.

For the VPN Ownership review, we reviewed each app’s store listing and re-assessed the privacy policies to determine their risk status. This information was supplied to Apple and Google.

For the Risk Index review, we re-ran the tests used in the original research. We downloaded the binaries of the apps that were still available and re-ran the VirusTotal scans for analysis. We also installed the apps on an Android device and analysed network traffic in a controlled test environment using Wireshark to corroborate leak test results. The results were sent to Google.

The results of these recent tests can be viewed in this Risk Index update data source, which is also available as a PDF download.