Security News > 2020 > April > Google removes Android VPN with ‘critical vulnerability’ from Play Store
2020-04-09 09:48
Google has removed an Android VPN program from the Google Play store after researchers notified it of a critical vulnerability.
VPNpro, a company that reviews and advises on VPN products, warned in February of a vulnerability in the product that could cause a man in the middle attack, enabling an intruder to insert themselves between the user and the VPN service.
What this VPN app has done is to leave its users, people seeking extra privacy and security, to actually have less privacy and security than if they'd used no VPN at all.
Instead, it notified the Google Play Security Reward Program, operated for Google by HackerOne.
SuperVPN wasn't the only Android VPN to raise VPNpro's concerns.
News URL
Related news
- Google Confirms Android SafetyCore Enables AI-Powered On-Device Content Classification (source)
- SpyLend Android malware downloaded 100,000 times from Google Play (source)
- Google's March 2025 Android Security Update Fixes Two Actively Exploited Vulnerabilities (source)
- How Google tracks Android device users before they've even opened an app (source)
- Google fixes Android zero-day exploited by Serbian authorities (source)
- Google expands Android AI scam detection to more Pixel devices (source)
- Google Rolls Out AI Scam Detection for Android to Combat Conversational Fraud (source)
- Elastic Releases Urgent Fix for Critical Kibana Vulnerability Enabling Remote Code Execution (source)
- Moxa Issues Fix for Critical Authentication Bypass Vulnerability in PT Switches (source)
- Critical PHP RCE vulnerability mass exploited in new attacks (source)