Android VPN apps seeking unnecessary permissions

A few Android VPN apps available on the official Google Play Store are found to be requesting access to “dangerous” user permission. According to the research, these permissions are not necessary for a normal VPN app and might be unsafe in nature.

John Mason from TheBestVPN analyzed the 81 Android apps available on the Google Play Store and claimed to have downloaded and extracted the permissions from each VPN app.

In his report, he explains that Google categorizes permissions in two parts. The “Normal” permission that Android OS gives app without notifying the users and the “Dangerous” that requires permission from the users.

Mason reveals that 50 out of the 81 apps he tested requested access to at least one dangerous permission that accessed user data. While many apps were found to have legitimate reasons for requesting permission, there were a few that were taking unnecessary permissions.
In his research, he found that VPN apps requested access to read/write permissions for external device storage, access to precise user’s location data, and the ability to toggle system settings. Some even requested access to call logs and local files.

He concluded his report by stating that VPN apps do require some permission to function. However, a large number of permissions that are required by these VPN apps cause suspicion and can lead to risky circumstances.

Take a look at the file here for a breakdown of every VPN app and the permission it requested during Mason’s research.

Some Virtual private network apps in Google Play Store request access to permissions they don't need
Photo: AndroidPIT

Read Next: WordPress Stands On Top In Most Hacked Content Management Systems of 2018

No comments:

Post a Comment