sb-as logo
Story image

40% of free VPN apps found to leak data

Recent political developments around the world have created an increased demand for VPN services. In Hong Kong, citizens flocked to VPNs to protect their freedom of speech, while Turkey, Pakistan, and India banned hundreds of apps even the US flirted with the idea of banning TikTok.

According to new research from NordVPN, the interest in consumer VPN apps spiked by 32% in July compared to the average 1% growth rate in previous months. In August, when the Trump administration announced they were considering banning TikTok, demand for free consumer VPNs grew by 48%.

Free VPN app category downloads in the US, Jan-July 2020. (Apps analyzed: Best VPN Proxy Betternet, Hi VPN - Free VPN Proxy, Server, Hotspot VPN Service, Hola Free VPN Proxy Unblocker, HotspotShield VPN & Wifi Proxy, NordVPN fast VPN app for privacy & security, SuperVPN Free VPN Client, Turbo VPN - Free VPN Proxy Server & Secure Service). SensorTower data.

ProPrivacy has researched the top 250 free VPN apps available on Google Play Store and found that 40% failed to adequately protect users privacy.

These apps, which falsely claim to protect privacy, collectively amount to 81.4 million downloads. This equals the populations of Germany, Turkey, and Iran, or a quarter of the US population.

According to NordVPN, the public's perception of digital privacy is changing. 

"The number of VPN users is increasing as governments across the world are treating their citizen's privacy with contempt," it says. 

"Some examples include the UK passing the law dubbed The Snoopers Charter, the US administration allowing ISPs to track customers and sell data to third parties in 2017, and the Chinese criminalising criticism of the government. The latest action resulted in the number of NordVPN inquiries from Hong Kong increasing by 120 times."

"The growing awareness of digital privacy has become hugely lucrative for opportunists. A survey run by NordVPN shows that half of Americans are using VPNs, and a third of them rely on free services."

Whats wrong with free VPNs?

ProPrivacy tested free VPNs for a range of leaks using both IPv4 and IPv6 connections. The results were disturbing. Four in every ten tested VPNs had a leak. This represents a monumental failure for almost half of all free VPNs and could potentially be putting the privacy of their users at risk.

"There is no such thing as a free lunch. If a user does not pay for a service, there must be an alternative price to be paid. And, very often, it's privacy. 

"That is exactly what happened this July, when seven free VPN providers were caught leaking 1,2TB of personal user data despite their continuous claims to be holding no logs," says Daniel Markuson, Digital Privacy Expert at NordVPN.

Additionally, a study by CSIRO discovered that more than 75% of free VPNs have at least one third-party tracker rooted in their software. These trackers collect information on customers online presence and forward that data to advertising agencies to optimize their ads.

Ways to know your VPN is trustworthy

Reliable VPN providers invest their time and effort in auditing their service for no-logs policy affirmations, participate in the VPN Trust Initiative led by i2Coalition, and have very detailed and clear terms of service and privacy policy statements.

According to Markuson, when looking for a trustworthy VPN provider, the user should at least check if the claims of no-logs are based on evidence. 

"If the service they are choosing is free of charge, it should be a red flag to question where the provider is getting funding and how they survive. Usually, the answer is that they make money by selling users data to third parties.

"Free VPNs are notoriously bad when it comes to privacy, entirely defeating the point of downloading a VPN to protect your privacy in the first place," he says. 

"To help users ensure their VPN is working as it should, we have created a simple VPN Leak Testing tool, which walks users through a number of steps to properly test their VPN and protect themselves online," adds Sean McGrath, Editor and Free VPN Leak Project Lead at ProPrivacy."

Story image
DDoS attacks surge, becoming more sophisticated
After doubling from Q1 to Q2, the total number of network layer attacks observed in Q3 doubled again — resulting in a 4x increase in number compared to the pre-COVID levels in the first quarter. More
Story image
Kaspersky unveils two major update to its Transparency Initiative
The company has announced the opening of a new Transparency Center, as well as the ompletion of a widespread transferal of data storage and processing activities to Switzerland.More
Story image
How has COVID-19 transformed our perception of work?
Almost three quarters (74%) of people never want to return to pre-COVID-19, traditional work paradigms, putting more pressure on employees to adequately support and secure changing workplace environments.More
Story image
ThreatQuotient & Infoblox integrate threat intelligence capabilities
“Together, our integration eases the consumption of threat intelligence from various internal and external sources to ensure that intelligence is accurate, relevant and timely to an organisation’s business.”More
Link image
The definitive checklist to distinguish a broken authentication system
An improper or insecure implementation of authentication is a critical web application security risk. This checklist will discern the good from the bad.More
Story image
With cyber-threats continuing to evolve, organisations need to remain in the fight in 2021
Teams can make improvements in 2021 by having a more comprehensive understanding of the threats that are out there and defining how they conduct operations to offer flexibility to adapt better.More