Security and Privacy Risks in Free VPN Applications

First reported

02.10.2025 16:00

Last updated

1 unique sources, 1 articles

Summary

Hide ▲

A large-scale study by Zimperium zLabs analyzed 800 free VPN apps for Android and iOS, revealing significant security and privacy risks. Many apps failed to provide expected protection, exposing users to vulnerabilities such as outdated libraries, weak encryption, misleading privacy disclosures, and excessive permission requests. These risks are particularly concerning for organizations with BYOD policies and remote workers, as they can compromise sensitive corporate data. The study highlights the need for stronger security models, including multi-layered responses, endpoint visibility, and zero-trust approaches to mitigate these risks.

Timeline

02.10.2025 16:00 1 articles · 2d ago

Zimperium zLabs Study Reveals Security Risks in Free VPN Apps
A comprehensive analysis of 800 free VPN apps for Android and iOS identified major security and privacy weaknesses. These include outdated libraries, weak encryption, misleading privacy disclosures, and excessive permission requests. The study highlights the risks to organizations with BYOD policies and the need for stronger security measures.
Show sources

Free VPN Apps Found Riddled With Security Flaws — www.infosecurity-magazine.com — 02.10.2025 16:00
Open in new tab

Information Snippets

Zimperium zLabs reviewed 800 VPN apps for Android and iOS.
First reported: 02.10.2025 16:00

1 source, 1 article
Show sources
- Free VPN Apps Found Riddled With Security Flaws — www.infosecurity-magazine.com — 02.10.2025 16:00
Many free VPN apps use outdated libraries, including vulnerable versions of OpenSSL.
First reported: 02.10.2025 16:00

1 source, 1 article
Show sources
- Free VPN Apps Found Riddled With Security Flaws — www.infosecurity-magazine.com — 02.10.2025 16:00
Approximately 1% of the apps allowed Man-in-the-Middle (MitM) attacks.
First reported: 02.10.2025 16:00

1 source, 1 article
Show sources
- Free VPN Apps Found Riddled With Security Flaws — www.infosecurity-magazine.com — 02.10.2025 16:00
About 25% of iOS apps lacked a valid privacy manifest.
First reported: 02.10.2025 16:00

1 source, 1 article
Show sources
- Free VPN Apps Found Riddled With Security Flaws — www.infosecurity-magazine.com — 02.10.2025 16:00
Many apps requested excessive permissions, such as access to microphones and location data.
First reported: 02.10.2025 16:00

1 source, 1 article
Show sources
- Free VPN Apps Found Riddled With Security Flaws — www.infosecurity-magazine.com — 02.10.2025 16:00
Organizations with BYOD policies are particularly vulnerable to these risks.
First reported: 02.10.2025 16:00

1 source, 1 article
Show sources
- Free VPN Apps Found Riddled With Security Flaws — www.infosecurity-magazine.com — 02.10.2025 16:00
Over 6% of iOS VPN apps requested private entitlements, potentially allowing deep access to the operating system.
First reported: 02.10.2025 16:00

1 source, 1 article
Show sources
- Free VPN Apps Found Riddled With Security Flaws — www.infosecurity-magazine.com — 02.10.2025 16:00

Summary

Timeline

Zimperium zLabs Study Reveals Security Risks in Free VPN Apps

Information Snippets