gradient

2024 saw a surge in malicious free VPN apps

Increasingly more people have encountered malicious free VPN apps in 2024.

This is what unveils security software firm Kaspersky’s new research. Experts have found that, between July and September, VPN users worldwide may have downloaded malware and malicious programs 2.5 times more than in the three months before when trying to get a free service. This surge has continued for the rest of the year.

The demand for VPN apps has never been so high. The best VPN services are great tools to boost your online experience, in fact – from providing more privacy and security against growing digital threats to unlocking foreign streaming libraries, censored sites, and games. Yet, many free applications can create more problems instead.

The danger of free VPNs

“Users tend to believe that if they find a VPN app in an official store, like Google Play, it is safe. And they think it is even better if this VPN service is free! However, this often ends up being a trap,” said Vasily Kolesnikov, Security Expert at Kaspersky.

In May 2024, US law enforcement dismantled what’s thought to be the largest-ever botnet, meaning a network of infected devices. At least 18 fake free VPN apps were largely used to create it, including the likes of MaskVPN, DewVPN, PaladinVPN, ProxyGate, ShieldVPN, and ShineVPN. You can see the full list here.

Do you know?

(Image credit: Future)

Black Friday is the best time of year to subscribe to a premium VPN service as some of the top providers axe their pricing for the occasion. Check out our Black Friday VPN deals hub to get the most out of today’s sales before it’s too late.

Every time a person downloaded these malicious apps, their device turned into a proxy server, allowing attackers to reroute internet traffic. The network counted 19 million unique IP addresses across over 190 countries worldwide of hijacked devices.

The investigation also found that the malicious servers made by unaware free VPN users were later sold to other cybercriminals for launching cyberattacks, money laundering, and mass fraud.

When not used to inject malware, free VPNs can still put your privacy at risk through invasive online tracking and data collection – exactly what you want to stop when using a VPN in the first place.

Kolesnikov said: “To stay safe, users should remain wary of these threats and use a security solution, along with a trusted and proven VPN service.”