Skip to main content

Malicious VPNs found on Google Play Store — delete these Android apps now

Android Smartphone
(Image credit: Unsplash)

A virtual private network (VPN) is specifically made to protect users when surfing the wild web, but even they can fall victim to malicious software, and Android apps are the latest culprits.

Check Point Research reported eight malicious apps found on the Google Play Store, each with the ability to hijack someone's smartphone and have complete access to their bank account details. Google Play Protect usually detects malicious payloads found in apps and prevents them from appearing on the Store, but a new dropper snuck in. 

The "Clast82" dropper, which is malware designed to avoid detection, could bypass the Google Play Store's evaluation process by setting an “enable” parameter. The malicious software, a Malware-as-a-Service (MaaS) for Android devices known as AlienBot, would only trigger once Google had published it on the Google Play Store.

According to the reports, once the apps with Clast82 were downloaded, hackers could access a user’s financial accounts, and eventually take full control of the phone. It would give them so much control it would be like the hackers "were holding the device physically." Yikes.

Check Point Research discovered the malicious apps in January, with Google confirming that the apps had been removed from the Google Play Store on February 9. However, that still means some unsuspecting users could have the apps installed on their smartphones. If you have any of the below, delete them now. 

  • Cake VPN
  • Pacific VPN
  • eVPN
  • BeatPlayer
  • QR/Barcode Scanner MAX
  • Music Player
  • tooltipnatorlibrary
  • QRecorder

It's always a good idea to do a background check of any app you're not familiar with before downloading it. We recommend reading user reviews online and researching the developer of the app. If you're looking to be protected online (without worrying if the app is out to steal your bank details), you can't go wrong with the best VPN services around.