Google Removed Shady Android VPN App That Allowed MiTM Attacks


Google has recently removed a shady Android VPN app from the Play Store. Identified as SuperVPN Free VPN Client, the app boasted 100 million installs and had vulnerabilities allowing man-in-the-middle (MiTM) attacks.

SuperVPN Free VPN Client Bugs

A couple of months ago, researchers from VPNpro shared a detailed study about various VPN apps on the Play Store exhibiting vulnerabilities. The most noteworthy of all was the SuperVPN Free VPN Client app, which exhibited shady behavior alongside security bugs.

Now, in a recent post, the researchers have shared more details about this app. As revealed, the app not only had vulnerabilities allowing man-in-the-middle (MiTM) attacks; it also used blackhat SEO tactics to climb the Play Store rankings.

Briefly, the app carries a hardcoded encryption key, so anyone who extracts the key can decrypt all of the data. It also became possible for an adversary to change the app’s data server. As explained by the researchers,

We discovered that SuperVPN connects with multiple hosts. On one of these hosts, we discovered that a package (payload) was being sent from the app via unsecured HTTP…
After more digging, we found that the payload actually contained the key needed to decrypt the information. After decrypting and decoding this data, we found it contained sensitive server information, its certificates, and the credentials that the VPN server needs for authentication. Once we had this information, we replaced the real SuperVPN server data with our own server data.
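What the researchers describe amounts to a shared secret baked into the client: anyone with the APK can recover the key, decrypt the payload and, because nothing authenticates it, substitute their own server details. As an added example that is not part of the VPNpro report or the SuperVPN app, here is how a client can check a server configuration without holding any secret at all: the vendor signs the config with an Ed25519 private key and the app embeds only the public key, so a payload altered in transit fails verification. The ServerConfig fields, hostnames and credentials are constructed for the demo and assume nothing about the app's real format.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"encoding/json"
	"errors"
	"fmt"
)

// ErrBadSignature is returned when a payload does not carry a valid vendor signature.
var ErrBadSignature = errors.New("server config: signature does not verify")

// ServerConfig models the kind of data the researchers found inside the
// payload: server address, certificate and the VPN credentials.
// Field names are assumptions for this example, not the app's real format.
type ServerConfig struct {
	Host     string `json:"host"`
	CertPEM  string `json:"cert_pem"`
	Username string `json:"username"`
	Password string `json:"password"`
}

// SignedPayload is what the hardened client expects to receive: the config
// bytes plus a detached Ed25519 signature made by the vendor.
type SignedPayload struct {
	Config    []byte
	Signature []byte
}

// VendorSign is the server-side step. It runs only where the private key
// lives; the client never holds this key, which is the whole point.
func VendorSign(priv ed25519.PrivateKey, cfg ServerConfig) (SignedPayload, error) {
	if len(priv) != ed25519.PrivateKeySize {
		return SignedPayload{}, errors.New("server config: bad private key size")
	}
	raw, err := json.Marshal(cfg)
	if err != nil {
		return SignedPayload{}, err
	}
	return SignedPayload{Config: raw, Signature: ed25519.Sign(priv, raw)}, nil
}

// VerifyConfig is the client-side step. The client ships only the vendor's
// public key, which cannot be used to forge a payload, so a config swapped
// on the wire fails verification instead of redirecting the VPN.
func VerifyConfig(pub ed25519.PublicKey, p SignedPayload) (ServerConfig, error) {
	var cfg ServerConfig
	if len(pub) != ed25519.PublicKeySize {
		return cfg, errors.New("server config: bad public key size")
	}
	// Verify over the exact bytes received, before parsing anything.
	if !ed25519.Verify(pub, p.Config, p.Signature) {
		return cfg, ErrBadSignature
	}
	if err := json.Unmarshal(p.Config, &cfg); err != nil {
		return cfg, err
	}
	if cfg.Host == "" {
		return cfg, errors.New("server config: missing host")
	}
	return cfg, nil
}

func main() {
	// Constructed key pair for the demo. In a real deployment the private key
	// stays with the vendor and only pub is embedded in the app.
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		panic(err)
	}
	genuine := ServerConfig{Host: "vpn.example.test", Username: "demo", Password: "constructed"}
	payload, err := VendorSign(priv, genuine)
	if err != nil {
		panic(err)
	}
	cfg, err := VerifyConfig(pub, payload)
	fmt.Printf("genuine payload accepted: %v (host=%s)\n", err == nil, cfg.Host)

	// A payload whose config bytes were swapped in transit still carries the
	// old signature, so the client rejects it rather than connecting elsewhere.
	tampered := payload
	tampered.Config = []byte(`{"host":"swapped.example.test"}`)
	_, err = VerifyConfig(pub, tampered)
	fmt.Printf("tampered payload rejected: %v\n", errors.Is(err, ErrBadSignature))
}
```

Signing fixes authenticity, not confidentiality: the payload should still travel over TLS rather than plain HTTP, and credentials that every client can decrypt are effectively public, so per-device credentials are the better design regardless of how the config is protected.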

In addition, the app provided no precise information about its owner – a clear violation of Google’s policy.

Google Removed The Shady VPN App

The researchers informed Google of the matter via the Google Play Security Reward Program (GPSRP), following which Google confirmed the existence of the vulnerabilities even in the latest version of SuperVPN. The researchers also tried contacting the app’s developer, SuperSoftTech. After receiving no response, Google removed the shady Android VPN app SuperVPN Free VPN Client from the Play Store.

Another app claiming to be the paid version of the VPN from the same developers still exists.

Abeerah Hashim

Abeerah has been a passionate blogger for several years with a particular interest towards science and technology. She is crazy to know everything about the latest tech developments. Knowing and writing about cybersecurity, hacking, and spying has always enchanted her. When she is not writing, what else can be a better pastime than web surfing and staying updated about the tech world! Reach out to me at: [email protected]